windows welcome freeze/ load times/ intermittent internet shut off/ et


#1
pflo

On restart, computer will freeze at welcome screen. I get loading circle, then freeze when opening files. Internet occasionally just stops working. All started about 3 days ago. Thank you very much!
Paul

OTL logfile created on: 5/11/2012 6:54:44 PM - Run 1
OTL by OldTimer - Version 3.2.42.3 Folder = C:\Users\Paul Florek\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.38 Gb Available Physical Memory | 36.87% Memory free
7.50 Gb Paging File | 4.72 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 290.73 Gb Total Space | 104.02 Gb Free Space | 35.78% Space Free | Partition Type: NTFS
Drive D: | 290.78 Gb Total Space | 147.86 Gb Free Space | 50.85% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive O: | 1.88 Gb Total Space | 0.39 Gb Free Space | 20.56% Space Free | Partition Type: FAT

Computer Name: PAULFLOREK-PC | User Name: Paul Florek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/11 18:54:08 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Paul Florek\Downloads\OTL.exe
PRC - [2012/05/11 10:38:54 | 000,351,904 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
PRC - [2012/04/27 13:58:32 | 000,161,336 | ---- | M] (Google) -- C:\Users\Paul Florek\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2012/03/20 03:52:13 | 000,180,648 | ---- | M] (Google Inc.) -- C:\Users\Paul Florek\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe
PRC - [2012/03/06 18:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/03/06 18:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/05/27 16:57:30 | 000,562,592 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2011/05/27 16:57:28 | 002,015,136 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
PRC - [2011/05/27 16:57:26 | 007,025,568 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
PRC - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2010/01/08 13:15:24 | 001,118,208 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\Realtek\RTL8185 Wireless LAN Utility\RtWLan.exe
PRC - [2009/12/07 12:49:24 | 000,040,960 | ---- | M] (Realtek) -- C:\Program Files (x86)\Realtek\RTL8185 Wireless LAN Utility\RtlService.exe
PRC - [2009/10/09 10:07:20 | 000,493,248 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
PRC - [2008/10/09 09:07:56 | 000,107,912 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2007/03/27 08:41:44 | 000,401,408 | ---- | M] (UASSOFT.COM) -- C:\Program Files (x86)\Mouse Driver\KMCONFIG.exe
PRC - [2007/03/26 22:20:46 | 000,323,584 | ---- | M] (UASSOFT.COM) -- C:\Program Files (x86)\Mouse Driver\KMProcess.exe
PRC - [2007/03/06 13:51:14 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files (x86)\Mouse Driver\StartAutorun.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/27 21:07:01 | 000,444,400 | ---- | M] () -- C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppgooglenaclpluginchrome.dll
MOD - [2012/04/27 21:06:59 | 003,915,248 | ---- | M] () -- C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll
MOD - [2012/04/27 21:05:45 | 000,544,240 | ---- | M] () -- C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\18.0.1025.168\libglesv2.dll
MOD - [2012/04/27 21:05:44 | 000,117,744 | ---- | M] () -- C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\18.0.1025.168\libegl.dll
MOD - [2012/04/27 21:05:34 | 000,122,880 | ---- | M] () -- C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\18.0.1025.168\avutil-51.dll
MOD - [2012/04/27 21:05:33 | 000,220,672 | ---- | M] () -- C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\18.0.1025.168\avformat-53.dll
MOD - [2012/04/27 21:05:32 | 001,747,456 | ---- | M] () -- C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\18.0.1025.168\avcodec-53.dll
MOD - [2012/04/27 20:09:18 | 008,743,584 | ---- | M] () -- C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
MOD - [2012/04/03 12:18:03 | 005,485,056 | ---- | M] () -- C:\Users\Paul Florek\AppData\Roaming\Adobe\Flash Player\NativeCache\34226A5EFCE36CBB3A9DCD319DAADD9B\2759d09c\adobecp-300592-0.dll
MOD - [2011/07/28 18:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/05/27 16:57:32 | 000,022,944 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll
MOD - [2011/05/27 16:08:56 | 000,660,480 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
MOD - [2010/08/22 22:01:36 | 007,187,456 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
MOD - [2010/08/22 22:01:08 | 000,325,632 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
MOD - [2010/08/22 22:01:06 | 001,954,304 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
MOD - [2010/08/22 22:01:06 | 000,847,360 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
MOD - [2010/08/22 21:32:34 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
MOD - [2008/06/16 08:06:10 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Mouse Driver\MouseHook.dll
MOD - [2007/03/29 11:17:42 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\Mouse Driver\keydll.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/06 18:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/04/20 02:04:20 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/12/13 14:37:16 | 000,194,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009/07/20 11:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/27 21:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2012/05/11 10:38:55 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/02/15 14:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/13 11:23:41 | 000,481,064 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/05/27 16:57:30 | 000,562,592 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/07 12:49:24 | 000,040,960 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files (x86)\Realtek\RTL8185 Wireless LAN Utility\RtlService.exe -- (Realtek8185)
SRV - [2009/10/09 10:07:20 | 000,493,248 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/10/09 09:07:56 | 000,107,912 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008/02/29 01:07:18 | 000,942,080 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe -- (jswpsapi)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/06 18:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/03/06 18:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/03/06 18:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/03/06 18:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/03/06 18:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/03/06 18:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/08/17 14:02:20 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/08/17 12:41:45 | 000,503,352 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/04/20 01:22:34 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 15:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/12/02 22:30:36 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/24 07:46:32 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/02/15 03:24:00 | 000,401,696 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2010/01/28 14:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/10/27 21:34:18 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2009/10/27 21:34:17 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009/10/27 11:10:18 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2009/10/21 11:01:34 | 000,767,488 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WN111v2w7x.sys -- (WN111v2)
DRV:64bit: - [2009/10/20 08:51:50 | 001,478,176 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL85n64.sys -- (RTL85n64)
DRV:64bit: - [2009/10/09 09:50:48 | 000,024,248 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)
DRV:64bit: - [2009/09/28 11:55:04 | 000,023,552 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV:64bit: - [2009/08/13 14:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/08/09 16:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009/07/26 18:59:32 | 000,020,392 | ---- | M] (JMicron ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\johci.sys -- (johci)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/07 19:48:16 | 000,011,832 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdide64.sys -- (amdide64)
DRV:64bit: - [2009/06/17 11:54:38 | 000,112,144 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouKE.Sys -- (LMouKE)
DRV:64bit: - [2009/06/17 11:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009/06/17 11:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/06/17 11:53:42 | 000,089,616 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L8042mou.Sys -- (L8042mou)
DRV:64bit: - [2009/06/17 11:53:34 | 000,030,736 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 05:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/10/01 15:44:06 | 000,026,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\jswpslwfx.sys -- (JSWPSLWF)
DRV:64bit: - [2008/04/28 03:25:06 | 000,016,400 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV:64bit: - [2008/04/01 23:40:18 | 000,215,568 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ahcix64s.sys -- (ahcix64s)
DRV:64bit: - [2008/01/30 04:48:32 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2008/01/30 04:48:16 | 000,016,384 | ---- | M] (NewTech Infosystems Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2006/12/26 09:27:20 | 000,007,168 | ---- | M] (Chic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\moufiltr.sys -- (moufiltr)
DRV:64bit: - [2006/11/28 20:46:20 | 000,043,328 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PCAMp50a64.sys -- (PCAMp50a64)
DRV:64bit: - [2006/11/28 20:46:20 | 000,041,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PCASp50a64.sys -- (PCASp50a64)
DRV - [2010/04/30 17:09:44 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/04/30 17:09:22 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004/04/10 10:43:54 | 000,004,608 | ---- | M] ([email protected]) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\mbmiodrvr.sys -- (mbmiodrvr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...&m=aspire_m3202
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...&m=aspire_m3202
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0B4A10D1-FBD6-451d-BFDA-F03252B05984}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...hromesbox-en-us
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...&m=aspire_m3202
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...hromesbox-en-us
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....ms}&fr=chr-atty
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://aim.search.ao...romesbox-en-us"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.96.10.5331
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:0.5.9
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://slirsredirect...b-en-us&query="


FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Paul Florek\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Paul Florek\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Paul Florek\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Users\Paul Florek\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Paul Florek\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/02/18 18:56:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/04/21 14:29:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/05/04 19:21:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/11 18:29:54 | 000,000,000 | ---D | M]

[2010/03/09 19:42:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul Florek\AppData\Roaming\Mozilla\Extensions
[2012/04/02 20:12:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul Florek\AppData\Roaming\Mozilla\Firefox\Profiles\5oseyfrh.default\extensions
[2010/04/14 20:19:18 | 000,000,000 | ---D | M] (AIM Toolbar) -- C:\Users\Paul Florek\AppData\Roaming\Mozilla\Firefox\Profiles\5oseyfrh.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2010/07/31 09:27:20 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Paul Florek\AppData\Roaming\Mozilla\Firefox\Profiles\5oseyfrh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/03/09 19:42:03 | 000,000,000 | ---D | M] (RDown - Rapidshare Downloader) -- C:\Users\Paul Florek\AppData\Roaming\Mozilla\Firefox\Profiles\5oseyfrh.default\extensions\[email protected]
[2011/09/25 16:59:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul Florek\AppData\Roaming\Mozilla\Firefox\Profiles\5oseyfrh.default\extensions\[email protected]
[2010/10/17 15:03:59 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\Paul Florek\AppData\Roaming\Mozilla\Firefox\Profiles\5oseyfrh.default\extensions\[email protected]
[2010/04/19 23:14:18 | 000,002,275 | ---- | M] () -- C:\Users\Paul Florek\AppData\Roaming\Mozilla\Firefox\Profiles\5oseyfrh.default\searchplugins\aim-search.xml
[2012/02/22 23:34:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/02/22 23:34:27 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010/07/15 21:36:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/16 21:00:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/18 08:45:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/11 17:08:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/26 08:47:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/08/16 19:09:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2010/12/01 14:13:16 | 000,000,000 | ---D | M] (Yummy Games Player) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2010/03/09 19:32:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2008/06/18 01:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Paul Florek\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Paul Florek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Paul Florek\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Paul Florek\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files (x86)\Common Files\Motive\npMotive.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: YouTube = C:\Users\Paul Florek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Paul Florek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\Paul Florek\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Skype Click to Call = C:\Users\Paul Florek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Paul Florek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Paul Florek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll File not found
O2:64bit: - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files (x86)\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\3.1.415.1646\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files (x86)\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files (x86)\Google\GoogleToolbar1.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files (x86)\Acer\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [InstaLAN] C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [KMCONFIG] C:\Program Files (x86)\Mouse Driver\StartAutorun.exe KMConfig.exe File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WireLessKeyboard] "C:\Program Files (x86)\Mouse Driver\StartAutorun.exe" KMProcess.exe File not found
O4 - HKLM..\Run: [WireLessMouse] "C:\Program Files (x86)\Mouse Driver\StartAutorun.exe" KMConfig.exe File not found
O4 - HKCU..\Run: [Driver Updater] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Send To &Bluetooth - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: $talisma_url$ ([]https in Trusted sites)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {B805D226-4CA5-499C-A8CA-3E61CF947A5D} https://iconect.usel...c901fb85eb0.cab (FileViewer Control)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D79EE20A-321B-43E3-AF23-706A7DD52568} http://law.lexisnexi...light_fyi_4.cab (Dataflight FYI Reviewer Control)
O16 - DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} https://pattcw.att.m...Installer64.cab (WebBrowserType Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7348D9FC-11A4-467C-9A2A-20E18837ED46}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\MPK\MPK.exe) - File not found
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: C:\Users\Paul Florek\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Paul Florek\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0d7785ce-163e-11df-a195-00226864b09c}\Shell - "" = AutoRun
O33 - MountPoints2\{0d7785ce-163e-11df-a195-00226864b09c}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{8039e30f-c8f3-11e0-9c5f-00226864b09c}\Shell - "" = AutoRun
O33 - MountPoints2\{8039e30f-c8f3-11e0-9c5f-00226864b09c}\Shell\AutoRun\command - "" = F:\OblivionLauncher.exe
O33 - MountPoints2\{84cd9442-5016-11df-ae26-00226864b09c}\Shell - "" = AutoRun
O33 - MountPoints2\{84cd9442-5016-11df-ae26-00226864b09c}\Shell\AutoRun\command - "" = K:\Setup.exe
O33 - MountPoints2\{e45ea631-c8f7-11e0-a113-00226864b09c}\Shell - "" = AutoRun
O33 - MountPoints2\{e45ea631-c8f7-11e0-a113-00226864b09c}\Shell\AutoRun\command - "" = F:\INSTALL.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/11 10:42:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/05/11 10:41:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/05/11 10:41:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/05/07 20:43:51 | 000,000,000 | ---D | C] -- C:\Users\Paul Florek\Desktop\The.Finder.S01E12.REPACK.HDTV.XviD-AFG
[2012/05/07 20:42:47 | 000,000,000 | ---D | C] -- C:\Users\Paul Florek\Desktop\Fringe S4.E21 (xCrazy0328x)
[2012/05/02 18:13:48 | 000,000,000 | ---D | C] -- C:\Users\Paul Florek\AppData\Local\DDMSettings
[2012/04/20 17:21:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[3 C:\Users\Paul Florek\Desktop\*.tmp files -> C:\Users\Paul Florek\Desktop\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Paul Florek\*.tmp files -> C:\Users\Paul Florek\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/05/11 18:57:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2456447077-1367603219-1884821840-1000UA.job
[2012/05/11 18:53:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/11 18:29:54 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/05/11 18:21:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/11 17:54:14 | 000,011,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/11 17:54:14 | 000,011,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/11 17:51:30 | 000,738,932 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/11 17:51:30 | 000,632,490 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/11 17:51:30 | 000,110,228 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/11 17:47:18 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/11 17:47:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/11 17:46:46 | 3019,251,712 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/11 09:56:55 | 000,905,701 | ---- | M] () -- C:\Users\Paul Florek\AppData\Local\census.cache
[2012/05/11 09:56:21 | 000,126,174 | ---- | M] () -- C:\Users\Paul Florek\AppData\Local\ars.cache
[2012/05/11 09:46:09 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/05/11 03:57:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2456447077-1367603219-1884821840-1000Core.job
[2012/05/10 19:06:55 | 000,000,344 | ---- | M] () -- C:\Users\Paul Florek\Documents\cc_20120510_190651.reg
[2012/05/10 03:31:31 | 000,387,368 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/05/09 18:19:52 | 000,006,812 | ---- | M] () -- C:\Users\Paul Florek\Desktop\polish alphabet.gif
[2012/05/07 15:30:11 | 000,006,471 | ---- | M] () -- C:\Users\Paul Florek\Desktop\trump.jpg
[2012/05/01 04:58:59 | 000,002,440 | ---- | M] () -- C:\Users\Paul Florek\Desktop\Google Chrome.lnk
[2012/04/30 20:39:55 | 000,001,352 | ---- | M] () -- C:\Users\Paul Florek\Documents\cc_20120430_203951.reg
[2012/04/28 15:27:32 | 296,966,352 | ---- | M] () -- C:\Users\Paul Florek\Desktop\Grimm.S01E19.HDTV.x264-LOL.[VTV].mp4
[2012/04/27 00:49:20 | 000,247,923 | ---- | M] () -- C:\Users\Paul Florek\Desktop\2012 North Texas Collegium Registration Form Revised.pdf
[3 C:\Users\Paul Florek\Desktop\*.tmp files -> C:\Users\Paul Florek\Desktop\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Paul Florek\*.tmp files -> C:\Users\Paul Florek\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/11 18:29:54 | 000,001,978 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/05/11 10:39:26 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/11 09:56:55 | 000,905,701 | ---- | C] () -- C:\Users\Paul Florek\AppData\Local\census.cache
[2012/05/11 09:56:21 | 000,126,174 | ---- | C] () -- C:\Users\Paul Florek\AppData\Local\ars.cache
[2012/05/10 19:06:54 | 000,000,344 | ---- | C] () -- C:\Users\Paul Florek\Documents\cc_20120510_190651.reg
[2012/05/09 18:20:02 | 000,006,812 | ---- | C] () -- C:\Users\Paul Florek\Desktop\polish alphabet.gif
[2012/05/07 15:30:22 | 000,006,471 | ---- | C] () -- C:\Users\Paul Florek\Desktop\trump.jpg
[2012/04/30 20:39:53 | 000,001,352 | ---- | C] () -- C:\Users\Paul Florek\Documents\cc_20120430_203951.reg
[2012/04/28 15:22:48 | 296,966,352 | ---- | C] () -- C:\Users\Paul Florek\Desktop\Grimm.S01E19.HDTV.x264-LOL.[VTV].mp4
[2012/04/27 00:49:26 | 000,247,923 | ---- | C] () -- C:\Users\Paul Florek\Desktop\2012 North Texas Collegium Registration Form Revised.pdf
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/03/17 17:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/12/10 01:33:54 | 000,000,464 | ---- | C] () -- C:\Windows\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}_WiseFW.ini
[2010/08/03 20:28:49 | 000,000,604 | -H-- | C] () -- C:\ProgramData\T2
[2010/08/03 20:28:49 | 000,000,604 | -H-- | C] () -- C:\Program Files (x86)\STLL Notifier
[2010/07/02 23:02:32 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe

========== LOP Check ==========

[2010/04/14 20:19:36 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\acccore
[2010/03/09 19:41:54 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Acer
[2010/03/09 19:41:54 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Acer GameZone Console
[2011/10/26 15:42:05 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Amazon
[2010/03/09 19:41:54 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Bioshock
[2012/03/10 22:50:14 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Canon
[2012/02/29 12:32:25 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\com.acrobat.createpdf.CreatePDFDesktop
[2010/03/09 19:41:55 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\DAEMON Tools Lite
[2010/07/29 17:37:27 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\DAEMON Tools Net
[2010/03/09 19:41:55 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\DAEMON Tools Pro
[2010/03/09 19:41:55 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Games
[2010/03/09 19:41:55 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\GARMIN
[2010/03/09 19:41:55 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Image Zone Express
[2010/03/09 19:41:55 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Leadertech
[2010/08/15 18:23:48 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\My Games
[2010/03/09 19:42:03 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\NationRed
[2010/03/09 19:42:03 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\OpenOffice.org
[2012/04/11 18:10:51 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\PandoraRecovery
[2010/03/09 19:42:04 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Printer Info Cache
[2012/02/29 23:41:36 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Spotify
[2010/03/09 19:42:07 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\StreamTorrent
[2010/03/09 19:42:07 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\SystemRequirementsLab
[2010/03/09 19:42:07 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Template
[2010/03/09 19:42:07 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\The Creative Assembly
[2010/12/01 21:29:10 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Ubisoft
[2012/05/10 12:52:42 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\uTorrent
[2011/01/29 21:58:31 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\VidaOne
[2011/11/02 08:55:55 | 000,032,582 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:8CE646EE
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:C8B8CEBD

< End of report >

#2
CompCav

Hi, pflo! My nickname is CompCav and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any questions or you are unsure about anything, just ask and I will help you out. :)

If you have resolved the issues you were originally experiencing, or have received help elsewhere, please let me know so that this topic can be closed.


Please make sure you are saving and printing the instructions out prior to each fix, this way you will have them on hand just in case you are unable to access this site. One of the steps I will be asking you to do requires you to boot into Safe Mode and this process will be much easier for you to perform if the instructions are printed out for you to follow.

If you are ready to get started, please review and follow these guidelines so that we resolve your issues in a timely and effective manner:
  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post.
  • Please make sure to carefully read any instructions that I give you. Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • These instructions have been specifically tailored to your computer and the issues you are experiencing with your computer. These instructions are not suitable for any other computer, even if the issues are fairly similar.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. However, the one thing that you should always do, is to make sure your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Just do a Copy/Paste of the entire contents of the log file inside your post and submit.
  • You must reply within four days; failure to reply will result in the topic being closed!
  • Please do not PM me directly for help. If you have any questions, post them in this topic. PM me only if I have not responded to your last post in 2 days.
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to ultimately reformat your hard drive and reinstall the operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Please have the software and storage media for backing up your data available.

Step 1.

Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it. Click the "Scan" button to start the scan.

On completion of the scan, click save log, save it to your desktop and post it in your next reply.

If it does not run, rename it iexplore.exe and try it again.


Step 2.

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Select Scan All Users
  • Select Lop Check and Purity Check
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    consrv.dll
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    C:\Windows\assembly\tmp\U\*.* /s
    C:\Program Files\Common Files\ComObjects\*.* /s
    C:\windows\*. /RP /s
    %Temp%\smtmp\1\*.*
    %Temp%\smtmp\2\*.*
    %Temp%\smtmp\3\*.*
    %Temp%\smtmp\4\*.*
    >C:\commands.txt echo list vol /raw /hide /c
    /wait
    >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
    /wait
    type c:\diskreport.txt /c
    /wait
    erase c:\commands.txt /hide /c
    /wait
    erase c:\diskreport.txt /hide /c
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs


Step 3.

Please post:

aswMBR log
OTL.txt
Extras.txt


Give me an update on your computer's issues.

#3
pflo

No more windows welcome freeze, but load times still take extended time and I get the waiting circle opening programs that I've never had before. It didn't open an extra.txt file...I'm not sure why.

OTL logfile created on: 5/13/2012 11:14:40 PM - Run 2
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Paul Florek\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.97 Gb Available Physical Memory | 52.45% Memory free
7.50 Gb Paging File | 5.26 Gb Available in Paging File | 70.13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 290.73 Gb Total Space | 105.18 Gb Free Space | 36.18% Space Free | Partition Type: NTFS
Drive D: | 290.78 Gb Total Space | 143.93 Gb Free Space | 49.50% Space Free | Partition Type: NTFS
Drive O: | 1.88 Gb Total Space | 0.39 Gb Free Space | 20.56% Space Free | Partition Type: FAT

Computer Name: PAULFLOREK-PC | User Name: Paul Florek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/13 22:50:39 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Paul Florek\Downloads\OTL (1).exe
PRC - [2012/03/06 18:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/03/06 18:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/05/27 16:57:30 | 000,562,592 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2011/05/27 16:57:28 | 002,015,136 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
PRC - [2011/05/27 16:57:26 | 007,025,568 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
PRC - [2010/01/08 13:15:24 | 001,118,208 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\Realtek\RTL8185 Wireless LAN Utility\RtWLan.exe
PRC - [2009/12/07 12:49:24 | 000,040,960 | ---- | M] (Realtek) -- C:\Program Files (x86)\Realtek\RTL8185 Wireless LAN Utility\RtlService.exe
PRC - [2009/10/09 10:07:20 | 000,493,248 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
PRC - [2008/10/09 09:07:56 | 000,107,912 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2007/03/27 08:41:44 | 000,401,408 | ---- | M] (UASSOFT.COM) -- C:\Program Files (x86)\Mouse Driver\KMCONFIG.exe
PRC - [2007/03/26 22:20:46 | 000,323,584 | ---- | M] (UASSOFT.COM) -- C:\Program Files (x86)\Mouse Driver\KMProcess.exe
PRC - [2007/03/06 13:51:14 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files (x86)\Mouse Driver\StartAutorun.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/27 21:07:01 | 000,444,400 | ---- | M] () -- C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppgooglenaclpluginchrome.dll
MOD - [2012/04/27 21:06:59 | 003,915,248 | ---- | M] () -- C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll
MOD - [2012/04/27 21:05:34 | 000,122,880 | ---- | M] () -- C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\18.0.1025.168\avutil-51.dll
MOD - [2012/04/27 21:05:33 | 000,220,672 | ---- | M] () -- C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\18.0.1025.168\avformat-53.dll
MOD - [2012/04/27 21:05:32 | 001,747,456 | ---- | M] () -- C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\18.0.1025.168\avcodec-53.dll
MOD - [2011/05/27 16:57:32 | 000,022,944 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll
MOD - [2011/05/27 16:08:56 | 000,660,480 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
MOD - [2010/08/22 22:01:36 | 007,187,456 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
MOD - [2010/08/22 22:01:08 | 000,325,632 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
MOD - [2010/08/22 22:01:06 | 001,954,304 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
MOD - [2010/08/22 22:01:06 | 000,847,360 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
MOD - [2010/08/22 21:32:34 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
MOD - [2008/06/16 08:06:10 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Mouse Driver\MouseHook.dll
MOD - [2007/03/29 11:17:42 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\Mouse Driver\keydll.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/06 18:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/04/20 02:04:20 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/12/13 14:37:16 | 000,194,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009/07/20 11:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/27 21:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2012/05/11 10:38:55 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/02/15 14:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/13 11:23:41 | 000,481,064 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/05/27 16:57:30 | 000,562,592 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/07 12:49:24 | 000,040,960 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files (x86)\Realtek\RTL8185 Wireless LAN Utility\RtlService.exe -- (Realtek8185)
SRV - [2009/10/09 10:07:20 | 000,493,248 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/10/09 09:07:56 | 000,107,912 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008/02/29 01:07:18 | 000,942,080 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe -- (jswpsapi)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/06 18:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/03/06 18:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/03/06 18:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/03/06 18:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/03/06 18:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/03/06 18:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/08/17 14:02:20 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/08/17 12:41:45 | 000,503,352 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/04/20 01:22:34 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 15:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/12/02 22:30:36 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/24 07:46:32 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/02/15 03:24:00 | 000,401,696 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2010/01/28 14:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/10/27 21:34:18 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2009/10/27 21:34:17 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009/10/27 11:10:18 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2009/10/21 11:01:34 | 000,767,488 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WN111v2w7x.sys -- (WN111v2)
DRV:64bit: - [2009/10/20 08:51:50 | 001,478,176 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL85n64.sys -- (RTL85n64)
DRV:64bit: - [2009/10/09 09:50:48 | 000,024,248 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)
DRV:64bit: - [2009/09/28 11:55:04 | 000,023,552 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV:64bit: - [2009/08/13 14:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/08/09 16:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009/07/26 18:59:32 | 000,020,392 | ---- | M] (JMicron ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\johci.sys -- (johci)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/07 19:48:16 | 000,011,832 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdide64.sys -- (amdide64)
DRV:64bit: - [2009/06/17 11:54:38 | 000,112,144 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouKE.Sys -- (LMouKE)
DRV:64bit: - [2009/06/17 11:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009/06/17 11:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/06/17 11:53:42 | 000,089,616 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L8042mou.Sys -- (L8042mou)
DRV:64bit: - [2009/06/17 11:53:34 | 000,030,736 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 05:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/10/01 15:44:06 | 000,026,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\jswpslwfx.sys -- (JSWPSLWF)
DRV:64bit: - [2008/04/28 03:25:06 | 000,016,400 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV:64bit: - [2008/04/01 23:40:18 | 000,215,568 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ahcix64s.sys -- (ahcix64s)
DRV:64bit: - [2008/01/30 04:48:32 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2008/01/30 04:48:16 | 000,016,384 | ---- | M] (NewTech Infosystems Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2006/12/26 09:27:20 | 000,007,168 | ---- | M] (Chic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\moufiltr.sys -- (moufiltr)
DRV:64bit: - [2006/11/28 20:46:20 | 000,043,328 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PCAMp50a64.sys -- (PCAMp50a64)
DRV:64bit: - [2006/11/28 20:46:20 | 000,041,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PCASp50a64.sys -- (PCASp50a64)
DRV - [2010/04/30 17:09:44 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/04/30 17:09:22 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004/04/10 10:43:54 | 000,004,608 | ---- | M] ([email protected]) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\mbmiodrvr.sys -- (mbmiodrvr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...&m=aspire_m3202
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...&m=aspire_m3202
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0B4A10D1-FBD6-451d-BFDA-F03252B05984}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...hromesbox-en-us
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2456447077-1367603219-1884821840-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...&m=aspire_m3202
IE - HKU\S-1-5-21-2456447077-1367603219-1884821840-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKU\S-1-5-21-2456447077-1367603219-1884821840-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2456447077-1367603219-1884821840-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data]
IE - HKU\S-1-5-21-2456447077-1367603219-1884821840-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net
IE - HKU\S-1-5-21-2456447077-1367603219-1884821840-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2456447077-1367603219-1884821840-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-2456447077-1367603219-1884821840-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-2456447077-1367603219-1884821840-1000\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...hromesbox-en-us
IE - HKU\S-1-5-21-2456447077-1367603219-1884821840-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKU\S-1-5-21-2456447077-1367603219-1884821840-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....ms}&fr=chr-atty
IE - HKU\S-1-5-21-2456447077-1367603219-1884821840-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2456447077-1367603219-1884821840-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://aim.search.ao...romesbox-en-us"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.96.10.5331
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:0.5.9
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://slirsredirect...b-en-us&query="


FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Paul Florek\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Paul Florek\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Paul Florek\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Users\Paul Florek\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Paul Florek\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/02/18 18:56:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/04/21 14:29:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/05/04 19:21:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/11 18:29:54 | 000,000,000 | ---D | M]

[2010/03/09 19:42:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul Florek\AppData\Roaming\Mozilla\Extensions
[2012/04/02 20:12:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul Florek\AppData\Roaming\Mozilla\Firefox\Profiles\5oseyfrh.default\extensions
[2010/04/14 20:19:18 | 000,000,000 | ---D | M] (AIM Toolbar) -- C:\Users\Paul Florek\AppData\Roaming\Mozilla\Firefox\Profiles\5oseyfrh.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2010/07/31 09:27:20 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Paul Florek\AppData\Roaming\Mozilla\Firefox\Profiles\5oseyfrh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/03/09 19:42:03 | 000,000,000 | ---D | M] (RDown - Rapidshare Downloader) -- C:\Users\Paul Florek\AppData\Roaming\Mozilla\Firefox\Profiles\5oseyfrh.default\extensions\[email protected]
[2011/09/25 16:59:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul Florek\AppData\Roaming\Mozilla\Firefox\Profiles\5oseyfrh.default\extensions\[email protected]
[2010/10/17 15:03:59 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\Paul Florek\AppData\Roaming\Mozilla\Firefox\Profiles\5oseyfrh.default\extensions\[email protected]
[2010/04/19 23:14:18 | 000,002,275 | ---- | M] () -- C:\Users\Paul Florek\AppData\Roaming\Mozilla\Firefox\Profiles\5oseyfrh.default\searchplugins\aim-search.xml
[2012/02/22 23:34:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/02/22 23:34:27 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010/07/15 21:36:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/16 21:00:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/18 08:45:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/11 17:08:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/26 08:47:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/08/16 19:09:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2010/12/01 14:13:16 | 000,000,000 | ---D | M] (Yummy Games Player) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2010/03/09 19:32:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2008/06/18 01:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Paul Florek\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Paul Florek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Paul Florek\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Paul Florek\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files (x86)\Common Files\Motive\npMotive.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: YouTube = C:\Users\Paul Florek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Paul Florek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\Paul Florek\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Skype Click to Call = C:\Users\Paul Florek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Paul Florek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Paul Florek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll File not found
O2:64bit: - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files (x86)\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\3.1.415.1646\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files (x86)\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-2456447077-1367603219-1884821840-1000\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
O3 - HKU\S-1-5-21-2456447077-1367603219-1884821840-1000\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files (x86)\Google\GoogleToolbar1.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files (x86)\Acer\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [InstaLAN] C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [KMCONFIG] C:\Program Files (x86)\Mouse Driver\StartAutorun.exe KMConfig.exe File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WireLessKeyboard] "C:\Program Files (x86)\Mouse Driver\StartAutorun.exe" KMProcess.exe File not found
O4 - HKLM..\Run: [WireLessMouse] "C:\Program Files (x86)\Mouse Driver\StartAutorun.exe" KMConfig.exe File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2456447077-1367603219-1884821840-1000..\Run: [Driver Updater] File not found
O4 - HKU\S-1-5-21-2456447077-1367603219-1884821840-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\system32\StikyNot.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Send To &Bluetooth - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2456447077-1367603219-1884821840-1000\..Trusted Domains: $talisma_url$ ([]https in Trusted sites)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {B805D226-4CA5-499C-A8CA-3E61CF947A5D} https://iconect.usel...c901fb85eb0.cab (FileViewer Control)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D79EE20A-321B-43E3-AF23-706A7DD52568} http://law.lexisnexi...light_fyi_4.cab (Dataflight FYI Reviewer Control)
O16 - DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} https://pattcw.att.m...Installer64.cab (WebBrowserType Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57DD79F5-5850-452D-AF80-E3D59CCEA945}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7348D9FC-11A4-467C-9A2A-20E18837ED46}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\MPK\MPK.exe) - File not found
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: C:\Users\Paul Florek\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Paul Florek\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0d7785ce-163e-11df-a195-00226864b09c}\Shell - "" = AutoRun
O33 - MountPoints2\{0d7785ce-163e-11df-a195-00226864b09c}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{8039e30f-c8f3-11e0-9c5f-00226864b09c}\Shell - "" = AutoRun
O33 - MountPoints2\{8039e30f-c8f3-11e0-9c5f-00226864b09c}\Shell\AutoRun\command - "" = F:\OblivionLauncher.exe
O33 - MountPoints2\{84cd9442-5016-11df-ae26-00226864b09c}\Shell - "" = AutoRun
O33 - MountPoints2\{84cd9442-5016-11df-ae26-00226864b09c}\Shell\AutoRun\command - "" = K:\Setup.exe
O33 - MountPoints2\{e45ea631-c8f7-11e0-a113-00226864b09c}\Shell - "" = AutoRun
O33 - MountPoints2\{e45ea631-c8f7-11e0-a113-00226864b09c}\Shell\AutoRun\command - "" = F:\INSTALL.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/05/11 10:42:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/05/11 10:41:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/05/11 10:41:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/05/02 18:13:48 | 000,000,000 | ---D | C] -- C:\Users\Paul Florek\AppData\Local\DDMSettings
[2012/04/20 17:21:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[3 C:\Users\Paul Florek\Desktop\*.tmp files -> C:\Users\Paul Florek\Desktop\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Paul Florek\*.tmp files -> C:\Users\Paul Florek\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/05/13 23:13:38 | 000,000,512 | ---- | M] () -- C:\Users\Paul Florek\Desktop\MBR.dat
[2012/05/13 22:57:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2456447077-1367603219-1884821840-1000UA.job
[2012/05/13 22:53:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/13 22:21:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/13 17:21:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/13 03:57:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2456447077-1367603219-1884821840-1000Core.job
[2012/05/13 02:44:10 | 000,011,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/13 02:44:10 | 000,011,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/12 00:14:11 | 000,738,932 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/12 00:14:11 | 000,632,490 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/12 00:14:11 | 000,110,228 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/12 00:05:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/12 00:04:50 | 3019,251,712 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/11 18:29:54 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/05/11 09:56:55 | 000,905,701 | ---- | M] () -- C:\Users\Paul Florek\AppData\Local\census.cache
[2012/05/11 09:56:21 | 000,126,174 | ---- | M] () -- C:\Users\Paul Florek\AppData\Local\ars.cache
[2012/05/11 09:46:09 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/05/10 19:06:55 | 000,000,344 | ---- | M] () -- C:\Users\Paul Florek\Documents\cc_20120510_190651.reg
[2012/05/10 03:31:31 | 000,387,368 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/05/09 18:19:52 | 000,006,812 | ---- | M] () -- C:\Users\Paul Florek\Desktop\polish alphabet.gif
[2012/05/07 15:30:11 | 000,006,471 | ---- | M] () -- C:\Users\Paul Florek\Desktop\trump.jpg
[2012/05/01 04:58:59 | 000,002,440 | ---- | M] () -- C:\Users\Paul Florek\Desktop\Google Chrome.lnk
[2012/04/30 20:39:55 | 000,001,352 | ---- | M] () -- C:\Users\Paul Florek\Documents\cc_20120430_203951.reg
[2012/04/28 15:27:32 | 296,966,352 | ---- | M] () -- C:\Users\Paul Florek\Desktop\Grimm.S01E19.HDTV.x264-LOL.[VTV].mp4
[2012/04/27 00:49:20 | 000,247,923 | ---- | M] () -- C:\Users\Paul Florek\Desktop\2012 North Texas Collegium Registration Form Revised.pdf
[3 C:\Users\Paul Florek\Desktop\*.tmp files -> C:\Users\Paul Florek\Desktop\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Paul Florek\*.tmp files -> C:\Users\Paul Florek\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/13 23:13:38 | 000,000,512 | ---- | C] () -- C:\Users\Paul Florek\Desktop\MBR.dat
[2012/05/11 18:29:54 | 000,001,978 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/05/11 10:39:26 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/11 09:56:55 | 000,905,701 | ---- | C] () -- C:\Users\Paul Florek\AppData\Local\census.cache
[2012/05/11 09:56:21 | 000,126,174 | ---- | C] () -- C:\Users\Paul Florek\AppData\Local\ars.cache
[2012/05/10 19:06:54 | 000,000,344 | ---- | C] () -- C:\Users\Paul Florek\Documents\cc_20120510_190651.reg
[2012/05/09 18:20:02 | 000,006,812 | ---- | C] () -- C:\Users\Paul Florek\Desktop\polish alphabet.gif
[2012/05/07 15:30:22 | 000,006,471 | ---- | C] () -- C:\Users\Paul Florek\Desktop\trump.jpg
[2012/04/30 20:39:53 | 000,001,352 | ---- | C] () -- C:\Users\Paul Florek\Documents\cc_20120430_203951.reg
[2012/04/28 15:22:48 | 296,966,352 | ---- | C] () -- C:\Users\Paul Florek\Desktop\Grimm.S01E19.HDTV.x264-LOL.[VTV].mp4
[2012/04/27 00:49:26 | 000,247,923 | ---- | C] () -- C:\Users\Paul Florek\Desktop\2012 North Texas Collegium Registration Form Revised.pdf
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/03/17 17:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/12/10 01:33:54 | 000,000,464 | ---- | C] () -- C:\Windows\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}_WiseFW.ini
[2010/08/03 20:28:49 | 000,000,604 | -H-- | C] () -- C:\ProgramData\T2
[2010/08/03 20:28:49 | 000,000,604 | -H-- | C] () -- C:\Program Files (x86)\STLL Notifier
[2010/07/02 23:02:32 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe

========== LOP Check ==========

[2010/03/09 19:47:04 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2010/03/09 19:47:04 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
[2010/04/14 20:19:36 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\acccore
[2010/03/09 19:41:54 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Acer
[2010/03/09 19:41:54 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Acer GameZone Console
[2011/10/26 15:42:05 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Amazon
[2010/03/09 19:41:54 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Bioshock
[2012/03/10 22:50:14 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Canon
[2012/02/29 12:32:25 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\com.acrobat.createpdf.CreatePDFDesktop
[2010/03/09 19:41:55 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\DAEMON Tools Lite
[2010/07/29 17:37:27 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\DAEMON Tools Net
[2010/03/09 19:41:55 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\DAEMON Tools Pro
[2010/03/09 19:41:55 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Games
[2010/03/09 19:41:55 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\GARMIN
[2010/03/09 19:41:55 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Image Zone Express
[2010/03/09 19:41:55 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Leadertech
[2010/08/15 18:23:48 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\My Games
[2010/03/09 19:42:03 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\NationRed
[2010/03/09 19:42:03 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\OpenOffice.org
[2012/04/11 18:10:51 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\PandoraRecovery
[2010/03/09 19:42:04 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Printer Info Cache
[2012/02/29 23:41:36 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Spotify
[2010/03/09 19:42:07 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\StreamTorrent
[2010/03/09 19:42:07 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\SystemRequirementsLab
[2010/03/09 19:42:07 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Template
[2010/03/09 19:42:07 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\The Creative Assembly
[2010/12/01 21:29:10 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\Ubisoft
[2012/05/10 12:52:42 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\uTorrent
[2011/01/29 21:58:31 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\VidaOne
[2011/11/02 08:55:55 | 000,032,582 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 01:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 01:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 00:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 08:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 01:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 00:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 20:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 01:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 01:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 01:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: SVCHOST.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/11/20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 20:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 02:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 01:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s >
"DisplayName" = @%SystemRoot%\system32\drivers\netbt.sys,-2
"Group" = PNP_TDI
"ImagePath" = System32\DRIVERS\netbt.sys
"Description" = @%SystemRoot%\system32\drivers\netbt.sys,-1
"ErrorControl" = 1
"Start" = 1
"Type" = 1
"DependOnService" = Tdxtcpip [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Linkage]
"OtherDependencies" = Tcpip [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters]
"BcastNameQueryCount" = 3
"BcastQueryTimeout" = 750
"CacheTimeout" = 600000
"EnableLMHOSTS" = 1
"NameServerPort" = 137
"NameSrvQueryCount" = 3
"NameSrvQueryTimeout" = 1500
"NbProvider" = _tcp
"SessionKeepAlive" = 3600000
"Size/Small/Medium/Large" = 1
"TransportBindName" = \Device\
"UseNewSmb" = 1
"DhcpNodeType" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{57DD79F5-5850-452D-AF80-E3D59CCEA945}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{7348D9FC-11A4-467C-9A2A-20E18837ED46}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{BDFD0B31-A942-43CC-BEF7-968416D5BBF1}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{FC136DC5-E33B-4499-B123-BD004BA64819}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Enum]
"0" = Root\LEGACY_NETBT\0000
"Count" = 1
"NextInstance" = 1

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s >
"Type" = 2
"Start" = 1
"ErrorControl" = 1
"Tag" = 2
"ImagePath" = system32\DRIVERS\netbios.sys
"DisplayName" = NetBIOS Interface
"Group" = NetBIOSGroup
"Description" = NetBIOS Interface
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage]
"LanaMap" = 01 01 01 0B 01 09 01 00 01 04 01 02 01 0E 01 07 01 0C 01 0A 01 06 01 03 [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters]
"MaxLana" = 14
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Enum]
"0" = Root\LEGACY_NETBIOS\0000
"Count" = 1
"NextInstance" = 1

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/04/02 19:55:47 | 000,553,720 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/04/02 19:55:47 | 000,553,720 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/04/02 19:55:47 | 000,553,720 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2011/04/02 19:55:45 | 000,910,808 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2011/04/02 19:55:45 | 000,910,808 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2011/04/02 19:55:45 | 000,910,808 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/04/27 21:07:02 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/04/27 21:07:02 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/04/27 21:07:02 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Paul Florek\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/04/27 21:07:02 | 001,224,176 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2012/02/13 21:35:20 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2012/02/13 21:35:20 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2012/02/13 21:35:20 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/02/13 21:35:20 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2012/02/13 21:35:20 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Safari\Safari.exe" /reinstall [2011/03/21 19:10:48 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /hideicons [2011/03/21 19:10:48 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /showicons [2011/03/21 19:10:48 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files (x86)\Safari\Safari.exe" [2011/03/21 19:10:48 | 002,388,264 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2011/04/02 19:55:47 | 000,553,720 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2011/04/02 19:55:47 | 000,553,720 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2011/04/02 19:55:47 | 000,553,720 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2011/04/02 19:55:45 | 000,910,808 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2011/04/02 19:55:45 | 000,910,808 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2011/04/02 19:55:45 | 000,910,808 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\USERS\PAUL FLOREK\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/04/27 21:07:02 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\USERS\PAUL FLOREK\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/04/27 21:07:02 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\USERS\PAUL FLOREK\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/04/27 21:07:02 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\USERS\PAUL FLOREK\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/04/27 21:07:02 | 001,224,176 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2012/02/13 21:35:19 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2012/02/13 21:35:19 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2012/02/13 21:35:19 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/02/13 21:35:20 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2012/02/13 21:35:20 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /REINSTALL [2011/03/21 19:10:48 | 002,388,264 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /HIDEICONS [2011/03/21 19:10:48 | 002,388,264 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /SHOWICONS [2011/03/21 19:10:48 | 002,388,264 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" [2011/03/21 19:10:48 | 002,388,264 | ---- | M] (Apple Inc.)

< C:\Windows\assembly\tmp\U\*.* /s >

< C:\Program Files\Common Files\ComObjects\*.* /s >

< C:\windows\*. /RP /s >

< %Temp%\smtmp\1\*.* >

< %Temp%\smtmp\2\*.* >

< %Temp%\smtmp\3\*.* >

< %Temp%\smtmp\4\*.* >

< type c:\diskreport.txt /c >
Microsoft DiskPart version 6.1.7601
Copyright © 1999-2008 Microsoft Corporation.
On computer: PAULFLOREK-PC
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
  Volume 0     E                       DVD-ROM         0 B  No Media
  Volume 1     F                       DVD-ROM         0 B  No Media
  Volume 2     C   ACER         NTFS   Partition    290 GB  Healthy    System
  Volume 3     D   DATA         NTFS   Partition    290 GB  Healthy
  Volume 4         PQSERVICE    NTFS   Partition     14 GB  Healthy    Hidden
  Volume 5     O                FAT    Removable   1927 MB  Healthy
  Volume 6     G                       Removable       0 B  No Media
  Volume 7     H                       Removable       0 B  No Media
  Volume 8     I                       Removable       0 B  No Media
  Volume 9     J                       Removable       0 B  No Media
  Volume 10    L                       Removable       0 B  No Media

========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:8CE646EE
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:C8B8CEBD

< End of report >


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-13 22:50:52
-----------------------------
22:50:52.322 OS Version: Windows x64 6.1.7601 Service Pack 1
22:50:52.322 Number of processors: 4 586 0x203
22:50:52.322 ComputerName: PAULFLOREK-PC UserName: Paul Florek
22:50:53.866 Initialize success
22:50:57.923 AVAST engine defs: 12051301
22:51:02.786 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:51:02.786 Disk 0 Vendor: Hitachi_HDT721064SLA360 STDOA31B Size: 610480MB BusType: 3
22:51:02.801 Disk 0 MBR read successfully
22:51:02.817 Disk 0 MBR scan
22:51:02.817 Disk 0 Windows 7 default MBR code
22:51:02.817 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 15005 MB offset 63
22:51:02.833 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 297712 MB offset 30734336
22:51:02.848 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 297760 MB offset 640448512
22:51:02.895 Disk 0 scanning C:\Windows\system32\drivers
22:51:13.071 Service scanning
22:51:34.359 Modules scanning
22:51:34.366 Disk 0 trace - called modules:
22:51:34.384 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS amdide64.sys PCIIDEX.SYS hal.dll atapi.sys
22:51:34.390 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004998060]
22:51:34.395 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa80045079b0]
22:51:34.399 5 ACPI.sys[fffff88000f297a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800498a060]
22:51:34.813 AVAST engine scan C:\Windows
22:51:37.017 AVAST engine scan C:\Windows\system32
22:53:20.012 AVAST engine scan C:\Windows\system32\drivers
22:53:28.219 AVAST engine scan C:\Users\Paul Florek
23:11:20.155 AVAST engine scan C:\ProgramData
23:12:50.183 Scan finished successfully
23:13:38.356 Disk 0 MBR has been saved successfully to "C:\Users\Paul Florek\Desktop\MBR.dat"
23:13:38.356 The log file has been saved successfully to "C:\Users\Paul Florek\Desktop\aswMBR.txt"

#4
CompCav

    Member 5k

  • Expert
  • 12,448 posts
Please re-open OTL

  • Double click the OTL icon on your desktop. Vista/7 users right click and click Run as Administrator. Make sure all other windows are closed.
  • You will see a console like the one below:

[Image: OTL console]

  • At the top of the console click the greyed out None button. <--- Very Important
  • Make sure the Output box at the top is set to Standard Output.
  • In the Extra Registry section, click the Use Safelist button. <--- Very Important
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so.
  • Let the scan run uninterrupted. The scan won't take long.
  • When the scan completes, it will open a notepad window, Extras.Txt. It is saved in the same location as OTL.


#5
pflo

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Here it is.

OTL Extras logfile created on: 5/14/2012 7:09:15 AM - Run 2
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Paul Florek\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.86 Gb Available Physical Memory | 49.62% Memory free
7.50 Gb Paging File | 5.16 Gb Available in Paging File | 68.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 290.73 Gb Total Space | 105.18 Gb Free Space | 36.18% Space Free | Partition Type: NTFS
Drive D: | 290.78 Gb Total Space | 143.93 Gb Free Space | 49.50% Space Free | Partition Type: NTFS
Drive O: | 1.88 Gb Total Space | 0.39 Gb Free Space | 20.56% Space Free | Partition Type: FAT

Computer Name: PAULFLOREK-PC | User Name: Paul Florek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2456447077-1367603219-1884821840-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02636D5B-2D1F-444B-ADA0-DEB56982908B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0382A2A9-D422-4653-B1E7-010505A3C4D7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0906AED7-3F8C-471A-8740-671A342BF031}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{45188315-94F3-43EF-9378-455FF84175F0}" = lport=56799 | protocol=17 | dir=in | name=pando p2p udp listening port |
"{525325CC-BD59-43BE-A76B-8E870B19F3C9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{632AF17A-11FF-4325-A9CB-DD66FB0DA3B2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{801E66BF-C3AF-4BCE-A966-F1242304F9A1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9437CCC4-A518-4315-A52C-A38596A36D59}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9AFC6FD6-B031-47C8-9BE8-2DFEB4D898E2}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A7362E25-9E5F-4789-9442-DA090D2F83A4}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot |
"{A9B6C069-9490-4BAA-A3C3-7AE4D0973C5E}" = lport=56799 | protocol=6 | dir=in | name=pando p2p tcp listening port |
"{AEAA8DFB-8946-48F3-B460-BD45E7E8F2E6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D22DEFB9-A193-48CD-B300-CC79CB06D2A6}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D4906E3E-5349-48B7-BE3B-6AB77AD5EC12}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E1151720-F005-4BA8-A0AE-B581C3279C7C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E3F78EAE-C248-4FA7-A7BC-2A6B4E158ED5}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot |
"{EA063EA9-130F-4CC3-A733-541C5DCDB8D5}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot |
"{F73E178C-939E-4A15-992F-1684F0AF6FCA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03D2CC10-9BA5-4651-9218-18B2DF03556C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0567C8C6-B897-47B7-8C01-C75CFF1AA24F}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{0742674C-8DFA-441B-899B-C6325F399EDA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0817B81B-4D70-4556-85CB-3F2649F61F2C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{0FA3C7AF-9E7F-4F4D-A9CA-4E0CBDAD123D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{0FE55ACD-843E-40FD-A797-B63B65C6B796}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{116C3F06-60AC-4FF5-8D73-985CF51275F6}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{12773531-F558-4AAC-A0FE-F737B00EC3A3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{14007395-6249-494D-B713-F3F5F50DB52F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\america's army 3\binaries\aa3game.exe |
"{191B1948-4D67-48B2-90F4-F69C45212DAE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1BFA4F31-B633-421C-BC13-3D0D6454E7FF}" = protocol=17 | dir=in | app=c:\program files (x86)\sibelius software\sibelius 6\regtool.exe |
"{1E72C432-7015-4CE7-8219-F06DA4244C79}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{20B8E2A8-C58C-4468-8416-49DCFC014E5C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{280508A1-A768-4F29-A8A9-40335570920B}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{28B56F19-EEA7-42BA-8AA7-941150D17962}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe |
"{290C9699-3BA2-40C5-B0D5-6870D1995E81}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2BC7576A-C916-45E8-9A57-A3EDA0260A7E}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe |
"{2E433089-0F31-4712-926C-508BE397FE94}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{32EEA5BF-8737-4A41-83E4-3BBB1609E407}" = protocol=17 | dir=in | app=c:\program files (x86)\dragon age\bin_ship\daupdatersvc.service.exe |
"{35713D78-FAE3-4301-B0D5-41C12B9D3819}" = protocol=17 | dir=in | app=c:\program files (x86)\realtek\rtl8185 wireless lan utility\rtwlan.exe |
"{383CA3CB-61C0-4683-A661-8215A3011470}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{3A89F9EE-5236-40F9-BD87-E53B27A62A40}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{3C16257A-4BB2-4A94-ABB4-F801F7725EED}" = protocol=6 | dir=in | app=c:\program files (x86)\sibelius software\sibelius 6\sibelius.exe |
"{3F782758-B2E6-464A-AE74-05384439A802}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{3FA19003-2FDC-47F2-9562-05D6FAAE91E2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{403562F8-F792-45B5-88A8-29C89F4F2BB1}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{40F73F30-AB18-4BA9-92DB-CB5F6F97B95F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{44386F89-D252-4D6B-B01F-682FAB51204C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{49C5A6E7-BE4D-440E-8748-26B6E56341A3}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{50527641-CCA6-4CF6-9C07-EE510C5FE4B8}" = protocol=17 | dir=in | app=c:\program files (x86)\dragon age\bin_ship\daorigins.exe |
"{521B9BBC-5CAC-4091-9D06-C9A1F469D441}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\america's army 3\binaries\aa3game.exe |
"{52885848-6F18-4A69-93E5-6A2D9423A7B4}" = protocol=6 | dir=in | app=c:\program files (x86)\dragon age\bin_ship\daupdatersvc.service.exe |
"{547393C0-A299-41C1-929D-836E96FD5EF3}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{596E04D8-0D16-44FD-846B-8462D08E8DC2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{5B6DC649-D79F-4619-BB26-08654C12338E}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{5C05315C-AAD1-4BB7-B566-D9C83FA90559}" = protocol=17 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{628B4C92-E0F4-4E9B-BC01-8721B7E26CAD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{654AD7A5-52ED-4B43-A617-EA1B42766A0D}" = protocol=17 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{67E08B95-258C-4FF8-87BE-576761EF7574}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\command & conquer red alert 3 demo\ra3demo.exe |
"{68344C88-3C1A-4F62-8D9D-593AFF0D5C83}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6955648F-65E3-4F07-9AC9-FD948619B8C4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6A80A373-FB27-4089-8839-22276105296D}" = protocol=17 | dir=in | app=c:\program files (x86)\dragon age\daoriginslauncher.exe |
"{6C2648F0-CD5D-433E-8459-251003E221AC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{702879F8-0C4C-4400-A2C0-18B7B28C4128}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{79058B07-1DED-4A70-8680-6A2B5B717221}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{7C3E3118-C000-472E-B394-21B5507739E0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7F679CEB-6863-4321-816E-7646498F6EA4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{7F77AADC-DBEA-40E1-B768-B7284F5EFD11}" = protocol=17 | dir=in | app=c:\windows\syswow64\mpk\mpkview.exe |
"{82808614-8ECD-445A-8795-C50EC93D775B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{82FC7E76-19C2-417A-A5DC-F6347485DB52}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{89A237AC-506C-464F-872D-9F3E8E975D78}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{8AE3B8AB-BDD7-4626-8CB9-CFA69904EAD4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{8EB4B836-F1E2-4BA4-9500-AB25508CD6EA}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{94D729ED-A301-4498-B3C4-B5844920F32A}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe |
"{96F31941-243A-44C0-AC71-1F0C72C4E720}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{97A9A7ED-E204-4282-BB7D-BD39E0B5C1BE}" = protocol=6 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{97CB85B2-D3B2-440E-A884-9A26E9C0E434}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{9CFB3B42-0B8B-4FA8-B065-608DE31A55A3}" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{A69BA68F-BA04-4F7D-A71D-DDF946B77514}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ADD5FF37-5B19-49ED-81B6-60897D34E319}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{B03B531F-CDC9-4E2B-81F8-557FF2EDF23B}" = protocol=6 | dir=in | app=c:\windows\syswow64\mpk\mpkview.exe |
"{B0FBF01D-99CF-4C4D-B567-F9277A552AAD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{B2696212-9BD2-460C-96D6-BD44DABE2407}" = protocol=6 | dir=in | app=c:\program files (x86)\realtek\rtl8185 wireless lan utility\rtwlan.exe |
"{BA23C856-EC77-4587-9A72-F13F843D890F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BDB02D8B-10EC-4425-B7D0-D9D205310C42}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{BEFB3715-9634-4561-B698-E6D9B4F115D3}" = dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{BF571FCB-842D-4C4E-A952-73C75C05AF62}" = protocol=6 | dir=out | app=system |
"{C0EF0040-DFF1-49D0-A6E4-341F0AEC21AA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\command & conquer red alert 3 demo\ra3demo.exe |
"{C2AAAB9F-12CC-4DBD-9CBC-4AABF5DBDE92}" = protocol=6 | dir=in | app=c:\program files (x86)\dragon age\daoriginslauncher.exe |
"{C33BF5B9-A772-461A-AB79-3A98815DE184}" = protocol=17 | dir=in | app=c:\program files (x86)\sibelius software\sibelius 6\sibelius.exe |
"{C5EDD6E7-6B41-43ED-842E-251896F5D000}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{D10C405D-0CCD-4D4B-9738-79ABCBD51E00}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{D14A0964-1D27-4525-B6EF-13D0C97F15E9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{D928C165-A0F2-426C-9917-6C40F50A0488}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{DD3470D7-BAF1-4677-8CE6-8041E03F2A86}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{DE9266C6-F54E-43BD-A2CC-8CC013D6A226}" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{DF32DBCB-BF6D-4FD8-9409-22656663C14A}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe |
"{E49D1398-C6C8-4250-BFA0-A75F4813E764}" = protocol=6 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{E5C71C49-6EBE-4F78-8A97-01E93EEFE7A3}" = protocol=6 | dir=in | app=c:\program files (x86)\sibelius software\sibelius 6\regtool.exe |
"{E6F21ED9-036B-448D-91A7-24D6C9CDE184}" = protocol=17 | dir=in | app=c:\windows\syswow64\mpk\mpk.exe |
"{E715FD87-3FF3-4FAB-BA5D-1A0F7D06E29D}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{E7F7DA94-AE18-4095-B2B5-0EB0F48A2E2C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E9D52A14-A6A1-4D5A-B002-24BD221B0BFE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F2F69899-DA8B-4B6B-808A-48E0B63E9589}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{F39A3217-6BB7-44A7-9B8E-0B7613DFC1AA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F406AA60-BDA3-4129-B85C-5EA98D429595}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{F6F4AC78-B16B-4423-A2A8-3707C3B413D0}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{F9277CF3-0BE1-4FF7-9945-3BF544AEFCE1}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F9750630-C80A-403B-A2E5-E9A5EA7BED60}" = protocol=6 | dir=in | app=c:\program files (x86)\dragon age\bin_ship\daorigins.exe |
"{FC1516AB-2534-4AD0-87AB-9C8F0064FEBE}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{FE307B6F-D59C-4225-98DB-A6CEF3B458EC}" = protocol=6 | dir=in | app=c:\windows\syswow64\mpk\mpk.exe |
"TCP Query User{03C02ABE-8DDC-45E1-99FB-DF62B287471A}C:\users\paul florek\desktop\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\users\paul florek\desktop\team fortress 2\hl2.exe |
"TCP Query User{1F03AC9D-303F-4057-9DDF-4BF9D21C780E}C:\program files (x86)\pando networks\pando\pando.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\pando\pando.exe |
"TCP Query User{24E0F550-7471-40C7-812C-C872AC6D6E85}C:\users\paul florek\desktop\mohpa.exe" = protocol=6 | dir=in | app=c:\users\paul florek\desktop\mohpa.exe |
"TCP Query User{2A47B79D-2873-41CA-9576-6064D4081886}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{3517C317-057C-4CB2-9280-91F5CA850CD7}C:\program files (x86)\usarmy\america's army 2\system\armyops.exe" = protocol=6 | dir=in | app=c:\program files (x86)\usarmy\america's army 2\system\armyops.exe |
"TCP Query User{3E47E648-05A5-4444-BE54-AD69317E4580}C:\program files (x86)\ea games\medal of honor pacific assault™\mohpa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\medal of honor pacific assault™\mohpa.exe |
"TCP Query User{553B8EBE-88D4-44BC-A8EA-E51125AF921E}C:\users\paul florek\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\paul florek\appdata\roaming\spotify\spotify.exe |
"TCP Query User{583E87B8-0881-43A6-96B5-5AA667AEF7A2}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"TCP Query User{6500ACDF-B669-49C0-A858-405FEE963645}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{67FEFED1-FE4B-4E19-A35F-23EA409D0E3C}C:\users\paul florek\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\paul florek\appdata\roaming\spotify\spotify.exe |
"TCP Query User{74A0D4BF-3977-4A1A-BCE9-DA7152100DC0}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{7ABEBF67-B41B-440C-8376-0D65C14D6916}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"TCP Query User{7D109C63-8FC9-4494-9540-04F72DDB896F}C:\program files (x86)\vidaone\vodf\vodf.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vidaone\vodf\vodf.exe |
"TCP Query User{8AFD3884-B728-4EE7-B5A8-0715F6DCE515}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{8B954CA8-3D6B-42AB-9835-1ED449AECCFF}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"TCP Query User{8DFF8413-33B3-47EE-B86F-7E877F8CED00}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"TCP Query User{99F80315-662A-48CE-A238-3DD8306E3D70}C:\users\paul florek\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\paul florek\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{A69E889A-A4FD-48E1-8950-E67F0838A75A}C:\users\paul florek\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\paul florek\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{A8490F62-EA26-4F1E-B8F0-C79B3620ECAC}C:\users\paul florek\desktop\medal of honor allied assault.exe" = protocol=6 | dir=in | app=c:\users\paul florek\desktop\medal of honor allied assault.exe |
"TCP Query User{BC3A6FEB-7C53-4175-B04B-2C29B5CCAAFF}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{CF92A2CB-4B68-4F03-B0C1-DB5E9D9BE02D}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"TCP Query User{D6E61652-29C7-456E-B0A7-6DBD2F988D59}C:\program files (x86)\tvants\tvants.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tvants\tvants.exe |
"TCP Query User{D7909075-E92E-49C1-86B3-296A412A8A7F}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"TCP Query User{DD0142D4-0303-445A-8420-14B85D83E5D3}C:\found.000\dir0001.chk\chrome.exe" = protocol=6 | dir=in | app=c:\found.000\dir0001.chk\chrome.exe |
"TCP Query User{F51E5383-4E86-4241-A50C-D156AC59F41D}C:\users\paul florek\desktop\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\users\paul florek\desktop\team fortress 2\hl2.exe |
"UDP Query User{091F55E7-D654-42A3-A612-1F0A5D31B7F9}C:\users\paul florek\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\paul florek\appdata\roaming\spotify\spotify.exe |
"UDP Query User{1B4C2723-581D-487F-9C1A-9AE7BD56C32A}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{23454AAA-B9F2-48D4-8611-119AD8945482}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"UDP Query User{357FD386-238B-4C5D-9E16-3E3D7B24A991}C:\program files (x86)\ea games\medal of honor pacific assault™\mohpa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\medal of honor pacific assault™\mohpa.exe |
"UDP Query User{3A8839D0-A8E4-4765-A25D-3C898ED96026}C:\users\paul florek\desktop\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\users\paul florek\desktop\team fortress 2\hl2.exe |
"UDP Query User{3B030D3F-0900-4E12-9CFC-A2A02700B562}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{3D8F427E-82A2-4592-B81F-4EEAEAEF8C81}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"UDP Query User{42F932E8-1E26-4823-A2B7-6071A1DB7198}C:\program files (x86)\pando networks\pando\pando.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\pando\pando.exe |
"UDP Query User{4E559FF2-F2F8-4A55-A92A-099F80FEDA53}C:\users\paul florek\desktop\mohpa.exe" = protocol=17 | dir=in | app=c:\users\paul florek\desktop\mohpa.exe |
"UDP Query User{51959DFE-B8E6-435A-A144-FFA29359D53F}C:\program files (x86)\usarmy\america's army 2\system\armyops.exe" = protocol=17 | dir=in | app=c:\program files (x86)\usarmy\america's army 2\system\armyops.exe |
"UDP Query User{66D3033A-C321-4D65-9AAE-8663CAA9BF8E}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{70549EB4-C76C-4BAE-8344-4EBF6819083D}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"UDP Query User{7D7E00A7-6C39-4281-8C2C-5B98A55ED35B}C:\users\paul florek\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\paul florek\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{7F579C85-C305-47D3-AF8B-BBD325263FA5}C:\users\paul florek\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\paul florek\appdata\roaming\spotify\spotify.exe |
"UDP Query User{89A63C38-4196-4AE1-A6E4-129DBA06C4D7}C:\users\paul florek\desktop\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\users\paul florek\desktop\team fortress 2\hl2.exe |
"UDP Query User{906F6048-5245-4DE8-8ED5-23B882EE8D0E}C:\program files (x86)\vidaone\vodf\vodf.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vidaone\vodf\vodf.exe |
"UDP Query User{B1C08860-41E4-43D0-A412-F9805D471C01}C:\found.000\dir0001.chk\chrome.exe" = protocol=17 | dir=in | app=c:\found.000\dir0001.chk\chrome.exe |
"UDP Query User{B60AED93-D1E7-4649-91D8-12161593D49C}C:\program files (x86)\tvants\tvants.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tvants\tvants.exe |
"UDP Query User{C17EA954-38C2-40E4-B263-C80A0D470BEA}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"UDP Query User{C889A559-B8AE-4062-8954-8C4BCBA1FD4B}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"UDP Query User{CBB5B06C-E98A-4B71-82BA-30535A0CA1E7}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{CE768A78-8699-46AC-9757-F5698277CB84}C:\users\paul florek\desktop\medal of honor allied assault.exe" = protocol=17 | dir=in | app=c:\users\paul florek\desktop\medal of honor allied assault.exe |
"UDP Query User{CFB4121B-FACE-42E5-B684-3CA359197F82}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"UDP Query User{DBBE9EDF-AF78-4E9A-850B-9141BBB99A9E}C:\users\paul florek\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\paul florek\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{F4322101-4A8B-45D6-8895-B97B67E6FC97}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX330_series" = Canon MX330 series MP Drivers
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{18155797-EF2E-4699-9A16-FE787C4C10DB}" = iTunes
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{5CE7E3F5-9803-4F32-AA89-2D8848A80109}" = Microsoft LifeCam
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{80C27FE9-C6C4-F5C8-EAD3-09E7E0102E78}" = ATI Stream SDK v2 Developer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9301985B-D116-4A93-A93D-94580084FF86}" = 64 Bit HP CIO Components Installer
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{9F560BEB-021F-43AC-825F-AA60442D8DE4}" = 64 Bit HP CIO Components Installer
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AB3FDAEC-7702-3A47-655B-4A34714CBEFA}" = ccc-utility64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DBB03C04-9E78-6758-94C9-5D128401CFF8}" = WMV9/VC-1 Video Playback
"{E974638C-9F47-48C4-672C-B9C65F2BAD62}" = AMD Drag and Drop Transcoding
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F3FEB53B-0BD3-F481-A8F9-51BA46466A6A}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F7BBC6A1-A3C9-4745-BFFF-6BAA485D89C3}" = PG583_64_inf
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem
"LSI Soft Modem" = LSI PCI-SV92PP Soft Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"PeerGuardian_is1" = PeerGuardian 2.0
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0032D29F-7E8F-40E5-AD12-8857AAB0DBFF}" = Catalyst Control Center - Branding
"{0215A652-E081-4B09-9333-DC85AAB67FFA}" = Adobe Dreamweaver CS5.5
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{034C3647-3240-B744-D10B-637197A1E5B1}" = Catalyst Control Center InstallProxy
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07A8ED9E-B98E-437F-B750-241B412BE924}" = Garmin USB Drivers
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}" = Sibelius 6
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}" = WN111v2
"{1D0FDD6D-3C5E-4588-8ED0-02DC88014BF2}" = Upgrade Kit
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 26
"{2A6355EB-273D-4368-9DB6-FB99EBA9FABD}" = Cisco AnyConnect VPN Client
"{2C440596-FD75-9EA6-5472-B2EDBF5D222B}" = ccc-core-static
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{55BFC356-5A7B-482F-A213-9ACFDDFF6037}" = Mouse Driver
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59552B98-E671-AFA7-C04D-6F62DDD44D3C}" = Adobe® CreatePDF Desktop
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6833245E-DD86-479A-882A-8360D62C8194}" = NVIDIA PhysX
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{739941B6-3C0F-290A-0B76-08C7CEA6F0F3}" = Catalyst Control Center InstallProxy
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7ACEE78A-537D-2857-1A64-72198BC4A67D}" = Catalyst Control Center Graphics Previews Vista
"{7CC4EFDB-14AE-47F1-831E-D979FA6FB137}" = VidaOne Diet and Fitness
"{7CD82818-18F2-E4D5-A502-9D1F16C8DF9C}" = Catalyst Control Center Graphics Previews Common
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8A76CFCA-4BEC-C88E-3A7B-7CD18E3B86EA}" = CCC Help English
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94A620EB-5658-49E7-8660-8659281BD67F}" = Mouse Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B3C9A441-C34D-40F3-9D3B-00EDDDAC74F1}" = Garmin Communicator Plugin
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}" = Keyboard & Mouse Driver
"{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser
"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax
"{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = EmoDio
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D17111CB-C992-42A9-9D56-C19395102AAA}" = Garmin WebUpdater
"{D1725D54-279A-40C5-A70D-23C1785DB920}_is1" = AoA Audio Extractor
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D777D80E-13AE-4E6C-BCB2-9AEE10D9DEF1}" = Driver Updater
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EF72E0A5-57E8-471F-837E-82BB19771363}" = REALTEK RTL8185 Wireless LAN Software
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F534394E-DBE5-4BA7-B346-BF99438B6F5E}" = AMD LIVE! Explorer
"{FD207C2C-A7FF-332A-AC85-5A5ACED6F31B}" = Google Talk Plugin
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Acer Assist" = Acer Assist
"Acer Registration" = Acer Registration
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Audacity_is1" = Audacity 1.2.6
"avast" = avast! Free Antivirus
"Belkin Setup and Router Monitor_is1" = Belkin Setup and Router Monitor
"Canon MX330 series User Registration" = Canon MX330 series User Registration
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Carbonite Setup Lite" = Carbonite Online Backup Setup
"CCleaner" = CCleaner (remove only)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.acrobat.createpdf.CreatePDFDesktop" = Adobe® CreatePDF Desktop
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX Setup
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"Evrsoft First Page 2006_is1" = Evrsoft First Page 2006
"Graboid Video" = Graboid Video 2.03
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}" = RangeMax Wireless-N USB Adapter WN111v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{55BFC356-5A7B-482F-A213-9ACFDDFF6037}" = Mouse Driver
"InstallShield_{94A620EB-5658-49E7-8660-8659281BD67F}" = Mouse Driver
"InstallShield_{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}" = Keyboard & Mouse Driver
"InstallShield_{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = EmoDio
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Motherboard Monitor 5_is1" = Motherboard Monitor 5
"Mozilla Firefox (3.5.16)" = Mozilla Firefox (3.5.16)
"MP Navigator EX 2.1" = Canon MP Navigator EX 2.1
"PandoraRecovery" = PandoraRecovery (Remove Only)
"Picasa 3" = Picasa 3
"PokerStars.net" = PokerStars.net
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"StreamTorrent 1.0" = StreamTorrent 1.0
"The Rosetta Stone" = The Rosetta Stone
"uTorrent" = µTorrent
"Virtual Magnifying Glass_is1" = Virtual Magnifying Glass v3.4
"VLC media player" = VLC media player 1.0.1
"WinLiveSuite" = Windows Live Essentials
"YTdetect" = Yahoo! Detect

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2456447077-1367603219-1884821840-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.1.0.366
"Spotify" = Spotify

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

#6
CompCav

Step 1.

P2P Warning!:

IMPORTANT I have noticed that there are signs of StreamTorrent 1.0 and uTorrent P2P (Peer to Peer) File Sharing Programs on your computer.

As long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur.

Once upon a time, P2P file sharing was fairly safe. This is no longer true. P2P programs form a direct conduit inside your computer, their security measures are easily circumvented, and malware writers are increasingly exploiting them to spread their wares on to your computer. If your P2P program is not configured correctly, your computer may also be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

If you need convincing, please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter
File sharing infects 500,000 computers
infoworld

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall StreamTorrent 1.0 and uTorrent; however, that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.

If you wish to keep them, please do not use either of them until your computer is cleaned.



Step 2.

If you have Malwarebytes 1.6 or better installed, please disable it for the duration of this run.
To disable MBAM:
Open the scanner and select the Protection tab.
Remove the tick from "Start with Windows".
Reboot and then run OTL.




  • Please reopen OTL on your desktop.
  • Copy and Paste the following code into the textbox.

    :OTL
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    [2010/08/16 21:00:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2010/11/18 08:45:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    [2011/01/11 17:08:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    [2011/03/26 08:47:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    [2011/08/16 19:09:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
    [2008/06/18 01:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
    [2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
    O2:64bit: - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - No CLSID value found.
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
    O15 - HKCU\..Trusted Domains: $talisma_url$ ([]https in Trusted sites)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {B805D226-4CA5-499C-A8CA-3E61CF947A5D} https://iconect.usel...c901fb85eb0.cab (FileViewer Control)
    O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\MPK\MPK.exe) - File not found
    [2010/03/09 19:42:07 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\StreamTorrent
    [2012/05/10 12:52:42 | 000,000,000 | ---D | M] -- C:\Users\Paul Florek\AppData\Roaming\uTorrent
    
    
    
    :files
    ipconfig /flushdns /c
    
    
    :reg
    
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [createrestorepoint]
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.


Step 3.

Make sure you have file extensions set to visible.


Batch file for purging Event Viewer in Windows 7 since your event logs are corrupt.

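Please copy the code below and paste it into Notepad.

    @echo off
    rem Admin check: a non-elevated bcdedit call fails with "Access is denied."
    FOR /F "tokens=1,2*" %%V IN ('bcdedit') DO SET adminTest=%%V
    IF (%adminTest%)==(Access) goto noAdmin
    rem List every event log (wevtutil el) and clear each one in turn
    for /F "tokens=*" %%G in ('wevtutil.exe el') DO (call :do_clear "%%G")
    echo.
    echo Event Logs have been cleared! ^<press any key^>
    goto theEnd
    rem Subroutine: clear the single log whose name is passed as %1
    :do_clear
    echo clearing %1
    wevtutil.exe cl %1
    goto :eof
    :noAdmin
    echo You must run this script as an Administrator!
    echo ^<press any key^>
    rem Wait for a key press before the window closes
    :theEnd
    pause>NUL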

Then choose Save As, select All Files, and name it eventclear.bat.


Step 4.

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

  • Click the Start Scan button.

  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • Get the report by selecting Reports.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.


Step 5.

Download Farbar Service Scanner to your desktop and then run it.

Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run from.

Please copy and paste the log to your reply.


Step 6.

Please post:

OTL fix log
TDSSKiller log
FSS.txt


Update me on the computer issues.
  • 0
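For reading the report that Step 4 asks for, here is an added example (not part of the original post and not code from TDSSKiller) that pairs each scanned driver or service with its verdict and lists the entries that are not `ok`. The sample log is constructed: its names, hashes and paths are invented, and the line layout (timestamp, thread id, then an entry line followed by a verdict line) is assumed from the TDSSKiller report quoted later in this thread.

```python
import re

# Constructed sample in the assumed layout "HH:MM:SS.mmmm <thread id> <text>".
# Every name, hash and path below is made up for this example.
SAMPLE_LOG = r"""
09:00:00.0000 1000 TDSS rootkit removing tool <version placeholder>
09:00:00.0000 1000 Windows directory: C:\Windows
09:00:01.0000 1000 Mode: Manual; SigCheck; TDLFS;
09:00:02.0000 2000 ExampleDrv (00000000000000000000000000000001) C:\Windows\system32\drivers\exampledrv.sys
09:00:02.0100 2000 ExampleDrv - ok
09:00:02.0200 2000 VendorSvc (00000000000000000000000000000002) C:\Program Files (x86)\Vendor\vendorsvc.exe
09:00:02.0300 2000 VendorSvc ( UnsignedFile.Multi.Generic ) - warning
09:00:02.0300 2000 VendorSvc - detected UnsignedFile.Multi.Generic (1)
09:00:02.0400 2000 NoFileSvc - ok
09:00:02.0500 2000 Odd Name Svc (00000000000000000000000000000003) C:\Windows\System32\odd.dll
"""

PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4} \d+ ?(.*)$")
WINDIR = re.compile(r"^Windows directory: (.+)$")
# "<name> (<32 hex digits>) <path>": the object that was scanned.
ENTRY = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# "<name> ( <verdict> ) - <level>": a non-ok result for that object.
FLAGGED = re.compile(r"^(?P<name>.+?) \( (?P<verdict>\S+) \) - (?P<level>\w+)$")
OK = re.compile(r"^(?P<name>.+) - ok$")


def _blank(name):
    return {"name": name, "md5": None, "path": None,
            "in_windows_dir": None, "status": "unresolved", "verdict": None}


def parse_tdsskiller(text):
    """Return {name: record} for every scanned object, in log order."""
    records = {}
    windir = None
    for raw in text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue  # not a log line (blank line, forum text, ...)
        body = m.group(1).strip()
        if (w := WINDIR.match(body)):
            windir = w.group(1).rstrip("\\").lower() + "\\"
        elif (e := ENTRY.match(body)):
            rec = _blank(e["name"])
            rec["md5"] = e["md5"].lower()
            rec["path"] = e["path"]
            if windir is not None:
                rec["in_windows_dir"] = e["path"].lower().startswith(windir)
            records[e["name"]] = rec
        elif (f := FLAGGED.match(body)):
            # Some objects have a verdict but no entry line, so create on demand.
            rec = records.setdefault(f["name"], _blank(f["name"]))
            rec["status"] = f["level"]
            rec["verdict"] = f["verdict"]
        elif (o := OK.match(body)):
            rec = records.setdefault(o["name"], _blank(o["name"]))
            rec["status"] = "ok"
    return records


def needs_review(records):
    """Objects flagged by the scan, plus entries whose verdict line is missing
    (for example when the pasted log was cut off)."""
    return [r for r in records.values() if r["status"] != "ok"]


if __name__ == "__main__":
    for rec in needs_review(parse_tdsskiller(SAMPLE_LOG)):
        print(f'{rec["status"]:<10} {rec["verdict"] or "-":<28} '
              f'{rec["name"]}  {rec["path"] or "(no file listed)"}')
```

An `unresolved` status means the verdict line never appeared, which usually points to a truncated paste rather than a finding.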

#7
pflo

    New Member

  • Topic Starter
  • Member
  • 8 posts
Here are the text files. Uninstalled StreamTorrent. Computer still running a bit slow. Thought it had frozen at Windows welcome screen after OTL reboot but it just took 3-4 minutes.....

Farbar Service Scanner Version: 11-05-2012
Ran by Paul Florek (administrator) on 14-05-2012 at 09:41:26
Running from "C:\Users\Paul Florek\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


09:32:07.0739 2616 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
09:32:08.0238 2616 ============================================================
09:32:08.0238 2616 Current date / time: 2012/05/14 09:32:08.0238
09:32:08.0238 2616 SystemInfo:
09:32:08.0238 2616
09:32:08.0238 2616 OS Version: 6.1.7601 ServicePack: 1.0
09:32:08.0238 2616 Product type: Workstation
09:32:08.0238 2616 ComputerName: PAULFLOREK-PC
09:32:08.0238 2616 UserName: Paul Florek
09:32:08.0238 2616 Windows directory: C:\Windows
09:32:08.0238 2616 System windows directory: C:\Windows
09:32:08.0238 2616 Running under WOW64
09:32:08.0238 2616 Processor architecture: Intel x64
09:32:08.0238 2616 Number of processors: 4
09:32:08.0238 2616 Page size: 0x1000
09:32:08.0238 2616 Boot type: Normal boot
09:32:08.0238 2616 ============================================================
09:32:11.0280 2616 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:32:11.0295 2616 Drive \Device\Harddisk1\DR1 - Size: 0x78741000 (1.88 Gb), SectorSize: 0x200, Cylinders: 0xF5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:32:11.0327 2616 ============================================================
09:32:11.0327 2616 \Device\Harddisk0\DR0:
09:32:11.0358 2616 MBR partitions:
09:32:11.0358 2616 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1D4F800, BlocksNum 0x24578000
09:32:11.0358 2616 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x262C7800, BlocksNum 0x24590000
09:32:11.0358 2616 \Device\Harddisk1\DR1:
09:32:11.0358 2616 MBR partitions:
09:32:11.0358 2616 ============================================================
09:32:11.0436 2616 C: <-> \Device\Harddisk0\DR0\Partition0
09:32:11.0467 2616 D: <-> \Device\Harddisk0\DR0\Partition1
09:32:11.0467 2616 ============================================================
09:32:11.0467 2616 Initialize success
09:32:11.0467 2616 ============================================================
09:32:21.0131 2360 ============================================================
09:32:21.0131 2360 Scan started
09:32:21.0131 2360 Mode: Manual; SigCheck; TDLFS;
09:32:21.0131 2360 ============================================================
09:32:38.0837 2360 jswpsapi (78d233d835a8876035ac559afe02b940) C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe
09:32:38.0868 2360 jswpsapi ( UnsignedFile.Multi.Generic ) - warning
09:32:38.0868 2360 jswpsapi - detected UnsignedFile.Multi.Generic (1)
09:32:40.0506 2360 mbmiodrvr (2e1652d8ab971403eaaddc921800b1fa) C:\Windows\syswow64\mbmiodrvr.sys
09:32:40.0537 2360 mbmiodrvr ( UnsignedFile.Multi.Generic ) - warning
09:32:40.0537 2360 mbmiodrvr - detected UnsignedFile.Multi.Generic (1)
09:32:40.0615 2360 McciCMService (e6cb119ef2e148eaa1a247343550756e) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
09:32:40.0631 2360 McciCMService ( UnsignedFile.Multi.Generic ) - warning
09:32:40.0631 2360 McciCMService - detected UnsignedFile.Multi.Generic (1)
09:32:40.0693 2360 McciCMService64 (be3d584d7c021eb7d89166eecb83c341) C:\Program Files\Common Files\Motive\McciCMService.exe
09:32:40.0724 2360 McciCMService64 ( UnsignedFile.Multi.Generic ) - warning
09:32:40.0724 2360 McciCMService64 - detected UnsignedFile.Multi.Generic (1)
09:32:40.0787 2360 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
09:32:40.0818 2360 Mcx2Svc - ok
09:32:40.0896 2360 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
09:32:40.0912 2360 megasas - ok
09:32:40.0927 2360 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
09:32:40.0943 2360 MegaSR - ok
09:32:40.0990 2360 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:32:41.0036 2360 MMCSS - ok
09:32:41.0068 2360 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
09:32:41.0114 2360 Modem - ok
09:32:41.0146 2360 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
09:32:41.0192 2360 monitor - ok
09:32:41.0224 2360 motmodem (e90aba3c6f01be2c456c4aa857b28646) C:\Windows\system32\DRIVERS\motmodem.sys
09:32:41.0255 2360 motmodem - ok
09:32:41.0302 2360 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
09:32:41.0317 2360 mouclass - ok
09:32:41.0348 2360 moufiltr (80db1a0d262c71dda698f4c20a7c19de) C:\Windows\system32\DRIVERS\moufiltr.sys
09:32:41.0380 2360 moufiltr - ok
09:32:41.0426 2360 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
09:32:41.0458 2360 mouhid - ok
09:32:41.0489 2360 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
09:32:41.0504 2360 mountmgr - ok
09:32:41.0520 2360 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
09:32:41.0536 2360 mpio - ok
09:32:41.0551 2360 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
09:32:41.0598 2360 mpsdrv - ok
09:32:41.0645 2360 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
09:32:41.0723 2360 MpsSvc - ok
09:32:41.0801 2360 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
09:32:41.0816 2360 MREMP50 ( UnsignedFile.Multi.Generic ) - warning
09:32:41.0816 2360 MREMP50 - detected UnsignedFile.Multi.Generic (1)
09:32:41.0848 2360 MREMP50a64 - ok
09:32:41.0863 2360 MREMPR5 - ok
09:32:41.0863 2360 MRENDIS5 - ok
09:32:41.0894 2360 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
09:32:41.0910 2360 MRESP50 ( UnsignedFile.Multi.Generic ) - warning
09:32:41.0910 2360 MRESP50 - detected UnsignedFile.Multi.Generic (1)
09:32:41.0941 2360 MRESP50a64 - ok
09:32:41.0972 2360 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
09:32:42.0019 2360 MRxDAV - ok
09:32:42.0050 2360 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
09:32:42.0082 2360 mrxsmb - ok
09:32:42.0097 2360 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:32:42.0144 2360 mrxsmb10 - ok
09:32:42.0175 2360 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:32:42.0191 2360 mrxsmb20 - ok
09:32:42.0238 2360 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
09:32:42.0238 2360 msahci - ok
09:32:42.0269 2360 MSCamSvc (41fb1d61df09c36ccab0b04eec66f6d5) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
09:32:42.0284 2360 MSCamSvc - ok
09:32:42.0300 2360 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
09:32:42.0316 2360 msdsm - ok
09:32:42.0347 2360 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
09:32:42.0378 2360 MSDTC - ok
09:32:42.0409 2360 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
09:32:42.0456 2360 Msfs - ok
09:32:42.0472 2360 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
09:32:42.0534 2360 mshidkmdf - ok
09:32:42.0565 2360 MSHUSBVideo (26668cc2920de2497a8e369b16e48ca3) C:\Windows\system32\Drivers\nx6000.sys
09:32:42.0596 2360 MSHUSBVideo - ok
09:32:42.0612 2360 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
09:32:42.0628 2360 msisadrv - ok
09:32:42.0659 2360 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
09:32:42.0721 2360 MSiSCSI - ok
09:32:42.0737 2360 msiserver - ok
09:32:42.0784 2360 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
09:32:42.0846 2360 MSKSSRV - ok
09:32:42.0862 2360 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
09:32:42.0924 2360 MSPCLOCK - ok
09:32:42.0940 2360 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
09:32:43.0002 2360 MSPQM - ok
09:32:43.0033 2360 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
09:32:43.0064 2360 MsRPC - ok
09:32:43.0080 2360 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
09:32:43.0096 2360 mssmbios - ok
09:32:43.0142 2360 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
09:32:43.0189 2360 MSTEE - ok
09:32:43.0205 2360 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
09:32:43.0252 2360 MTConfig - ok
09:32:43.0267 2360 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
09:32:43.0283 2360 Mup - ok
09:32:43.0330 2360 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
09:32:43.0392 2360 napagent - ok
09:32:43.0454 2360 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
09:32:43.0501 2360 NativeWifiP - ok
09:32:43.0548 2360 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
09:32:43.0579 2360 NDIS - ok
09:32:43.0595 2360 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
09:32:43.0642 2360 NdisCap - ok
09:32:43.0657 2360 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
09:32:43.0720 2360 NdisTapi - ok
09:32:43.0766 2360 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
09:32:43.0829 2360 Ndisuio - ok
09:32:43.0860 2360 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
09:32:43.0922 2360 NdisWan - ok
09:32:43.0954 2360 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
09:32:44.0000 2360 NDProxy - ok
09:32:44.0032 2360 Net Driver HPZ12 (dc6530a291d4bdf6df399f1f128e7f8f) C:\Windows\system32\HPZinw12.dll
09:32:44.0032 2360 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
09:32:44.0032 2360 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
09:32:44.0078 2360 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
09:32:44.0125 2360 NetBIOS - ok
09:32:44.0172 2360 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
09:32:44.0219 2360 NetBT - ok
09:32:44.0234 2360 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:32:44.0250 2360 Netlogon - ok
09:32:44.0297 2360 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
09:32:44.0359 2360 Netman - ok
09:32:44.0390 2360 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
09:32:44.0468 2360 netprofm - ok
09:32:44.0562 2360 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:32:44.0578 2360 NetTcpPortSharing - ok
09:32:44.0624 2360 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
09:32:44.0640 2360 nfrd960 - ok
09:32:44.0687 2360 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
09:32:44.0749 2360 NlaSvc - ok
09:32:44.0749 2360 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
09:32:44.0796 2360 Npfs - ok
09:32:44.0827 2360 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
09:32:44.0874 2360 nsi - ok
09:32:44.0890 2360 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
09:32:44.0936 2360 nsiproxy - ok
09:32:45.0014 2360 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
09:32:45.0061 2360 Ntfs - ok
09:32:45.0155 2360 NTIBackupSvc (973dcb15731339fca176e534055cf115) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
09:32:45.0170 2360 NTIBackupSvc - ok
09:32:45.0280 2360 NTIDrvr (7d397449aaf52b0e7c79b64f6ad4473e) C:\Windows\system32\Drivers\NTIDrvr.sys
09:32:45.0295 2360 NTIDrvr - ok
09:32:45.0311 2360 NTISchedulerSvc (58751f9248d50bce1053976c9e2f0859) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
09:32:45.0326 2360 NTISchedulerSvc - ok
09:32:45.0342 2360 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
09:32:45.0404 2360 Null - ok
09:32:45.0436 2360 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
09:32:45.0451 2360 nvraid - ok
09:32:45.0467 2360 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
09:32:45.0482 2360 nvstor - ok
09:32:45.0498 2360 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
09:32:45.0514 2360 nv_agp - ok
09:32:45.0607 2360 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:32:45.0623 2360 odserv - ok
09:32:45.0670 2360 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
09:32:45.0701 2360 ohci1394 - ok
09:32:45.0732 2360 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:32:45.0748 2360 ose - ok
09:32:45.0794 2360 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:32:45.0841 2360 p2pimsvc - ok
09:32:45.0872 2360 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
09:32:45.0904 2360 p2psvc - ok
09:32:45.0935 2360 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
09:32:45.0950 2360 Parport - ok
09:32:45.0966 2360 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
09:32:45.0982 2360 partmgr - ok
09:32:45.0997 2360 PCAMp50a64 (304e6ac43613a9c43896c4300009442b) C:\Windows\system32\Drivers\PCAMp50a64.sys
09:32:46.0013 2360 PCAMp50a64 - ok
09:32:46.0044 2360 PCASp50a64 (18b6869e23937175144e6f1d3cb85fc2) C:\Windows\system32\Drivers\PCASp50a64.sys
09:32:46.0044 2360 PCASp50a64 - ok
09:32:46.0091 2360 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
09:32:46.0122 2360 PcaSvc - ok
09:32:46.0169 2360 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
09:32:46.0184 2360 pci - ok
09:32:46.0184 2360 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
09:32:46.0200 2360 pciide - ok
09:32:46.0247 2360 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
09:32:46.0262 2360 pcmcia - ok
09:32:46.0278 2360 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
09:32:46.0294 2360 pcw - ok
09:32:46.0309 2360 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
09:32:46.0372 2360 PEAUTH - ok
09:32:46.0450 2360 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
09:32:46.0481 2360 PerfHost - ok
09:32:46.0606 2360 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
09:32:46.0684 2360 pla - ok
09:32:46.0730 2360 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
09:32:46.0777 2360 PlugPlay - ok
09:32:46.0824 2360 Pml Driver HPZ12 (71f62c51dfdfbc04c83c5c64b2b8058e) C:\Windows\system32\HPZipm12.dll
09:32:46.0840 2360 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
09:32:46.0840 2360 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
09:32:46.0871 2360 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
09:32:46.0902 2360 PNRPAutoReg - ok
09:32:46.0933 2360 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:32:46.0949 2360 PNRPsvc - ok
09:32:46.0996 2360 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
09:32:47.0058 2360 PolicyAgent - ok
09:32:47.0105 2360 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
09:32:47.0167 2360 Power - ok
09:32:47.0245 2360 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
09:32:47.0308 2360 PptpMiniport - ok
09:32:47.0339 2360 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
09:32:47.0386 2360 Processor - ok
09:32:47.0417 2360 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
09:32:47.0495 2360 ProfSvc - ok
09:32:47.0510 2360 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:32:47.0526 2360 ProtectedStorage - ok
09:32:47.0573 2360 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
09:32:47.0620 2360 Psched - ok
09:32:47.0682 2360 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
09:32:47.0729 2360 ql2300 - ok
09:32:47.0854 2360 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
09:32:47.0885 2360 ql40xx - ok
09:32:47.0900 2360 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
09:32:47.0932 2360 QWAVE - ok
09:32:47.0947 2360 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
09:32:47.0978 2360 QWAVEdrv - ok
09:32:47.0994 2360 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
09:32:48.0056 2360 RasAcd - ok
09:32:48.0119 2360 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:32:48.0150 2360 RasAgileVpn - ok
09:32:48.0166 2360 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
09:32:48.0228 2360 RasAuto - ok
09:32:48.0259 2360 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:32:48.0306 2360 Rasl2tp - ok
09:32:48.0337 2360 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
09:32:48.0384 2360 RasMan - ok
09:32:48.0415 2360 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
09:32:48.0478 2360 RasPppoe - ok
09:32:48.0509 2360 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
09:32:48.0571 2360 RasSstp - ok
09:32:48.0602 2360 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
09:32:48.0665 2360 rdbss - ok
09:32:48.0680 2360 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
09:32:48.0727 2360 rdpbus - ok
09:32:48.0743 2360 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:32:48.0805 2360 RDPCDD - ok
09:32:48.0836 2360 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
09:32:48.0883 2360 RDPENCDD - ok
09:32:48.0883 2360 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
09:32:48.0930 2360 RDPREFMP - ok
09:32:48.0946 2360 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
09:32:48.0977 2360 RDPWD - ok
09:32:49.0039 2360 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
09:32:49.0055 2360 rdyboost - ok
09:32:49.0133 2360 Realtek8185 (bbfcac1c23b867ae5d7ef96df40680c5) C:\Program Files (x86)\Realtek\RTL8185 Wireless LAN Utility\RtlService.exe
09:32:49.0164 2360 Realtek8185 ( UnsignedFile.Multi.Generic ) - warning
09:32:49.0164 2360 Realtek8185 - detected UnsignedFile.Multi.Generic (1)
09:32:49.0195 2360 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
09:32:49.0242 2360 RemoteAccess - ok
09:32:49.0273 2360 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
09:32:49.0336 2360 RemoteRegistry - ok
09:32:49.0367 2360 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
09:32:49.0414 2360 RpcEptMapper - ok
09:32:49.0445 2360 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
09:32:49.0476 2360 RpcLocator - ok
09:32:49.0523 2360 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
09:32:49.0570 2360 RpcSs - ok
09:32:49.0601 2360 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
09:32:49.0663 2360 rspndr - ok
09:32:49.0726 2360 RTL85n64 (b98c18b12856dc2a915cc63e5c7d61e7) C:\Windows\system32\DRIVERS\RTL85n64.sys
09:32:49.0772 2360 RTL85n64 - ok
09:32:49.0850 2360 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:32:49.0866 2360 SamSs - ok
09:32:49.0928 2360 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
09:32:49.0944 2360 sbp2port - ok
09:32:49.0960 2360 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
09:32:50.0022 2360 SCardSvr - ok
09:32:50.0053 2360 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
09:32:50.0116 2360 scfilter - ok
09:32:50.0178 2360 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
09:32:50.0256 2360 Schedule - ok
09:32:50.0287 2360 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
09:32:50.0334 2360 SCPolicySvc - ok
09:32:50.0365 2360 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
09:32:50.0381 2360 SDRSVC - ok
09:32:50.0381 2360 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
09:32:50.0428 2360 seclogon - ok
09:32:50.0459 2360 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
09:32:50.0506 2360 SENS - ok
09:32:50.0521 2360 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
09:32:50.0537 2360 SensrSvc - ok
09:32:50.0599 2360 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
09:32:50.0630 2360 Serenum - ok
09:32:50.0646 2360 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
09:32:50.0677 2360 Serial - ok
09:32:50.0693 2360 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
09:32:50.0724 2360 sermouse - ok
09:32:50.0755 2360 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
09:32:50.0818 2360 SessionEnv - ok
09:32:50.0833 2360 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
09:32:50.0864 2360 sffdisk - ok
09:32:50.0880 2360 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
09:32:50.0896 2360 sffp_mmc - ok
09:32:50.0896 2360 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
09:32:50.0911 2360 sffp_sd - ok
09:32:50.0942 2360 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
09:32:50.0974 2360 sfloppy - ok
09:32:51.0020 2360 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
09:32:51.0083 2360 SharedAccess - ok
09:32:51.0130 2360 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
09:32:51.0192 2360 ShellHWDetection - ok
09:32:51.0239 2360 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:32:51.0254 2360 SiSRaid2 - ok
09:32:51.0254 2360 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
09:32:51.0270 2360 SiSRaid4 - ok
09:32:51.0379 2360 SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files (x86)\Skype\Updater\Updater.exe
09:32:51.0379 2360 SkypeUpdate - ok
09:32:51.0410 2360 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
09:32:51.0457 2360 Smb - ok
09:32:51.0488 2360 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
09:32:51.0520 2360 SNMPTRAP - ok
09:32:51.0551 2360 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
09:32:51.0566 2360 spldr - ok
09:32:51.0613 2360 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
09:32:51.0660 2360 Spooler - ok
09:32:51.0800 2360 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
09:32:51.0894 2360 sppsvc - ok
09:32:52.0003 2360 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
09:32:52.0050 2360 sppuinotify - ok
09:32:52.0128 2360 sptd (34f974f8b3c86de03a30dcbe79091c97) C:\Windows\System32\Drivers\sptd.sys
09:32:52.0144 2360 sptd - ok
09:32:52.0175 2360 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
09:32:52.0222 2360 srv - ok
09:32:52.0253 2360 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
09:32:52.0284 2360 srv2 - ok
09:32:52.0331 2360 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
09:32:52.0362 2360 srvnet - ok
09:32:52.0424 2360 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
09:32:52.0502 2360 SSDPSRV - ok
09:32:52.0502 2360 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
09:32:52.0549 2360 SstpSvc - ok
09:32:52.0627 2360 Steam Client Service - ok
09:32:52.0658 2360 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
09:32:52.0674 2360 stexstor - ok
09:32:52.0721 2360 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
09:32:52.0783 2360 stisvc - ok
09:32:52.0799 2360 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
09:32:52.0814 2360 swenum - ok
09:32:52.0861 2360 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
09:32:52.0939 2360 swprv - ok
09:32:53.0017 2360 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
09:32:53.0095 2360 SysMain - ok
09:32:53.0189 2360 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
09:32:53.0220 2360 TabletInputService - ok
09:32:53.0236 2360 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
09:32:53.0298 2360 TapiSrv - ok
09:32:53.0329 2360 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
09:32:53.0376 2360 TBS - ok
09:32:53.0501 2360 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
09:32:53.0563 2360 Tcpip - ok
09:32:53.0688 2360 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
09:32:53.0719 2360 TCPIP6 - ok
09:32:53.0782 2360 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
09:32:53.0828 2360 tcpipreg - ok
09:32:53.0875 2360 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
09:32:53.0906 2360 TDPIPE - ok
09:32:53.0938 2360 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
09:32:53.0953 2360 TDTCP - ok
09:32:54.0000 2360 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
09:32:54.0047 2360 tdx - ok
09:32:54.0078 2360 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
09:32:54.0094 2360 TermDD - ok
09:32:54.0125 2360 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
09:32:54.0218 2360 TermService - ok
09:32:54.0234 2360 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
09:32:54.0265 2360 Themes - ok
09:32:54.0296 2360 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:32:54.0328 2360 THREADORDER - ok
09:32:54.0343 2360 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
09:32:54.0406 2360 TrkWks - ok
09:32:54.0452 2360 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
09:32:54.0515 2360 TrustedInstaller - ok
09:32:54.0546 2360 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
09:32:54.0608 2360 tssecsrv - ok
09:32:54.0655 2360 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
09:32:54.0686 2360 TsUsbFlt - ok
09:32:54.0733 2360 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
09:32:54.0780 2360 tunnel - ok
09:32:54.0827 2360 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
09:32:54.0842 2360 uagp35 - ok
09:32:54.0858 2360 UBHelper (00c8ce31657624a125fdb90efd554371) C:\Windows\system32\drivers\UBHelper.sys
09:32:54.0874 2360 UBHelper - ok
09:32:54.0905 2360 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
09:32:54.0967 2360 udfs - ok
09:32:54.0998 2360 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
09:32:55.0014 2360 UI0Detect - ok
09:32:55.0045 2360 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
09:32:55.0061 2360 uliagpkx - ok
09:32:55.0076 2360 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
09:32:55.0108 2360 umbus - ok
09:32:55.0139 2360 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
09:32:55.0170 2360 UmPass - ok
09:32:55.0201 2360 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
09:32:55.0264 2360 upnphost - ok
09:32:55.0295 2360 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys
09:32:55.0326 2360 USBAAPL64 - ok
09:32:55.0357 2360 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
09:32:55.0388 2360 usbaudio - ok
09:32:55.0388 2360 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
09:32:55.0420 2360 usbccgp - ok
09:32:55.0466 2360 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
09:32:55.0482 2360 usbcir - ok
09:32:55.0498 2360 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
09:32:55.0544 2360 usbehci - ok
09:32:55.0576 2360 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
09:32:55.0607 2360 usbhub - ok
09:32:55.0622 2360 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
09:32:55.0654 2360 usbohci - ok
09:32:55.0685 2360 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
09:32:55.0732 2360 usbprint - ok
09:32:55.0763 2360 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
09:32:55.0794 2360 usbscan - ok
09:32:55.0810 2360 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:32:55.0825 2360 USBSTOR - ok
09:32:55.0841 2360 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
09:32:55.0872 2360 usbuhci - ok
09:32:55.0903 2360 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
09:32:55.0919 2360 usbvideo - ok
09:32:55.0950 2360 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
09:32:56.0012 2360 UxSms - ok
09:32:56.0044 2360 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:32:56.0059 2360 VaultSvc - ok
09:32:56.0075 2360 VClone (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys
09:32:56.0090 2360 VClone - ok
09:32:56.0106 2360 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
09:32:56.0122 2360 vdrvroot - ok
09:32:56.0168 2360 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
09:32:56.0215 2360 vds - ok
09:32:56.0246 2360 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
09:32:56.0262 2360 vga - ok
09:32:56.0278 2360 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
09:32:56.0340 2360 VgaSave - ok
09:32:56.0371 2360 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
09:32:56.0387 2360 vhdmp - ok
09:32:56.0402 2360 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
09:32:56.0418 2360 viaide - ok
09:32:56.0434 2360 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
09:32:56.0449 2360 volmgr - ok
09:32:56.0496 2360 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
09:32:56.0512 2360 volmgrx - ok
09:32:56.0543 2360 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
09:32:56.0558 2360 volsnap - ok
09:32:56.0636 2360 vpnagent (e4d2305ebb9de0871a1e13294d0f349b) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
09:32:56.0652 2360 vpnagent - ok
09:32:56.0683 2360 vpnva (0e4df91e83da5739ffb18535d4db10aa) C:\Windows\system32\DRIVERS\vpnva64.sys
09:32:56.0683 2360 vpnva - ok
09:32:56.0730 2360 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
09:32:56.0746 2360 vsmraid - ok
09:32:56.0839 2360 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
09:32:56.0917 2360 VSS - ok
09:32:57.0058 2360 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
09:32:57.0089 2360 vwifibus - ok
09:32:57.0136 2360 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
09:32:57.0167 2360 vwififlt - ok
09:32:57.0198 2360 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
09:32:57.0245 2360 W32Time - ok
09:32:57.0260 2360 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
09:32:57.0292 2360 WacomPen - ok
09:32:57.0338 2360 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
09:32:57.0401 2360 WANARP - ok
09:32:57.0401 2360 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
09:32:57.0432 2360 Wanarpv6 - ok
09:32:57.0541 2360 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
09:32:57.0588 2360 WatAdminSvc - ok
09:32:57.0666 2360 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
09:32:57.0697 2360 wbengine - ok
09:32:57.0806 2360 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
09:32:57.0838 2360 WbioSrvc - ok
09:32:57.0869 2360 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
09:32:57.0916 2360 wcncsvc - ok
09:32:57.0931 2360 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
09:32:57.0947 2360 WcsPlugInService - ok
09:32:58.0009 2360 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
09:32:58.0025 2360 Wd - ok
09:32:58.0056 2360 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
09:32:58.0087 2360 Wdf01000 - ok
09:32:58.0118 2360 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
09:32:58.0165 2360 WdiServiceHost - ok
09:32:58.0165 2360 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
09:32:58.0196 2360 WdiSystemHost - ok
09:32:58.0228 2360 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
09:32:58.0274 2360 WebClient - ok
09:32:58.0290 2360 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
09:32:58.0368 2360 Wecsvc - ok
09:32:58.0384 2360 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
09:32:58.0446 2360 wercplsupport - ok
09:32:58.0477 2360 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
09:32:58.0524 2360 WerSvc - ok
09:32:58.0571 2360 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
09:32:58.0618 2360 WfpLwf - ok
09:32:58.0633 2360 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
09:32:58.0649 2360 WIMMount - ok
09:32:58.0664 2360 WinDefend - ok
09:32:58.0680 2360 WinHttpAutoProxySvc - ok
09:32:58.0727 2360 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
09:32:58.0789 2360 Winmgmt - ok
09:32:58.0867 2360 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
09:32:58.0945 2360 WinRM - ok
09:32:59.0086 2360 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
09:32:59.0101 2360 WinUsb - ok
09:32:59.0164 2360 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
09:32:59.0195 2360 Wlansvc - ok
09:32:59.0351 2360 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:32:59.0398 2360 wlidsvc - ok
09:32:59.0538 2360 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
09:32:59.0569 2360 WmiAcpi - ok
09:32:59.0632 2360 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
09:32:59.0678 2360 wmiApSrv - ok
09:32:59.0741 2360 WMPNetworkSvc - ok
09:32:59.0788 2360 WN111v2 (b972c12de88299e78f6656a31046dd99) C:\Windows\system32\DRIVERS\WN111v2w7x.sys
09:32:59.0819 2360 WN111v2 - ok
09:32:59.0850 2360 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
09:32:59.0866 2360 WPCSvc - ok
09:32:59.0897 2360 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
09:32:59.0928 2360 WPDBusEnum - ok
09:32:59.0959 2360 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
09:32:59.0990 2360 ws2ifsl - ok
09:33:00.0006 2360 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
09:33:00.0037 2360 wscsvc - ok
09:33:00.0053 2360 WSearch - ok
09:33:00.0146 2360 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
09:33:00.0256 2360 wuauserv - ok
09:33:00.0380 2360 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
09:33:00.0427 2360 WudfPf - ok
09:33:00.0458 2360 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
09:33:00.0521 2360 WUDFRd - ok
09:33:00.0552 2360 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
09:33:00.0583 2360 wudfsvc - ok
09:33:00.0880 2360 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
09:33:00.0926 2360 WwanSvc - ok
09:33:00.0973 2360 yukonw7 (b2818bfab7817f7e7ee886f58b15b35c) C:\Windows\system32\DRIVERS\yk62x64.sys
09:33:00.0989 2360 yukonw7 - ok
09:33:01.0004 2360 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
09:33:01.0145 2360 \Device\Harddisk0\DR0 - ok
09:33:01.0160 2360 MBR (0x1B8) (60fe89dcb718f9cc10c1cbccf52e70eb) \Device\Harddisk1\DR1
09:34:06.0047 2360 \Device\Harddisk1\DR1 - ok
09:34:06.0069 2360 Boot (0x1200) (568b19dee2dcf461b20c2894e7538726) \Device\Harddisk0\DR0\Partition0
09:34:06.0098 2360 \Device\Harddisk0\DR0\Partition0 - ok
09:34:06.0127 2360 Boot (0x1200) (1d22670f41c5440c843dc294e1eba15c) \Device\Harddisk0\DR0\Partition1
09:34:06.0128 2360 \Device\Harddisk0\DR0\Partition1 - ok
09:34:06.0128 2360 ============================================================
09:34:06.0129 2360 Scan finished
09:34:06.0129 2360 ============================================================
09:34:06.0141 2856 Detected object count: 9
09:34:06.0141 2856 Actual detected object count: 9
09:35:05.0031 2856 jswpsapi ( UnsignedFile.Multi.Generic ) - skipped by user
09:35:05.0031 2856 jswpsapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:35:05.0031 2856 mbmiodrvr ( UnsignedFile.Multi.Generic ) - skipped by user
09:35:05.0031 2856 mbmiodrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:35:05.0031 2856 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
09:35:05.0031 2856 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:35:05.0031 2856 McciCMService64 ( UnsignedFile.Multi.Generic ) - skipped by user
09:35:05.0031 2856 McciCMService64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:35:05.0047 2856 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
09:35:05.0047 2856 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:35:05.0047 2856 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
09:35:05.0047 2856 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:35:05.0047 2856 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
09:35:05.0047 2856 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:35:05.0047 2856 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
09:35:05.0047 2856 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:35:05.0047 2856 Realtek8185 ( UnsignedFile.Multi.Generic ) - skipped by user
09:35:05.0047 2856 Realtek8185 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:35:44.0255 1408 ============================================================
09:35:44.0255 1408 Scan started
09:35:44.0255 1408 Mode: Manual; SigCheck; TDLFS;
09:35:44.0255 1408 ============================================================
09:35:44.0879 1408 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
09:35:44.0911 1408 1394ohci - ok
09:35:44.0926 1408 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
09:35:44.0942 1408 ACPI - ok
09:35:44.0957 1408 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
09:35:44.0973 1408 AcpiPmi - ok
09:35:45.0051 1408 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:35:45.0067 1408 AdobeFlashPlayerUpdateSvc - ok
09:35:45.0113 1408 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
09:35:45.0129 1408 adp94xx - ok
09:35:45.0160 1408 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
09:35:45.0176 1408 adpahci - ok
09:35:45.0191 1408 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
09:35:45.0207 1408 adpu320 - ok
09:35:45.0238 1408 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
09:35:45.0285 1408 AeLookupSvc - ok
09:35:45.0363 1408 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
09:35:45.0379 1408 AFD - ok
09:35:45.0441 1408 AffinegyService (b29bc445561f1ac7b1daf67af954c36b) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
09:35:45.0472 1408 AffinegyService - ok
09:35:45.0503 1408 AgereModemAudio (b65f8dba54f251906bbe8611b5a0e7ab) C:\Program Files\LSI SoftModem\agr64svc.exe
09:35:45.0519 1408 AgereModemAudio - ok
09:35:45.0581 1408 AgereSoftModem (a6ab6f0ace87da76b4c401813d18be95) C:\Windows\system32\DRIVERS\agrsm64.sys
09:35:45.0597 1408 AgereSoftModem - ok
09:35:45.0613 1408 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
09:35:45.0628 1408 agp440 - ok
09:35:45.0644 1408 ahcix64s (f114aabfde93a8ef2b4988eb29d14306) C:\Windows\system32\drivers\ahcix64s.sys
09:35:45.0659 1408 ahcix64s - ok
09:35:45.0691 1408 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
09:35:45.0706 1408 ALG - ok
09:35:45.0722 1408 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
09:35:45.0737 1408 aliide - ok
09:35:45.0769 1408 AMD External Events Utility (a359974eaac83a435497c52f62a2e590) C:\Windows\system32\atiesrxx.exe
09:35:45.0784 1408 AMD External Events Utility - ok
09:35:45.0800 1408 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
09:35:45.0815 1408 amdide - ok
09:35:45.0831 1408 amdide64 (e921853f1838ecc009a6835a8bdadb9e) C:\Windows\system32\DRIVERS\amdide64.sys
09:35:45.0847 1408 amdide64 - ok
09:35:45.0878 1408 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
09:35:45.0893 1408 AmdK8 - ok
09:35:46.0174 1408 amdkmdag (60216b0e704584de6d5a9f59e9c34c47) C:\Windows\system32\DRIVERS\atikmdag.sys
09:35:46.0299 1408 amdkmdag - ok
09:35:46.0424 1408 amdkmdap (6b4e9261b613b047a9a145f328889968) C:\Windows\system32\DRIVERS\atikmpag.sys
09:35:46.0455 1408 amdkmdap - ok
09:35:46.0486 1408 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
09:35:46.0502 1408 AmdPPM - ok
09:35:46.0533 1408 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
09:35:46.0549 1408 amdsata - ok
09:35:46.0564 1408 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
09:35:46.0580 1408 amdsbs - ok
09:35:46.0595 1408 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
09:35:46.0611 1408 amdxata - ok
09:35:46.0642 1408 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
09:35:46.0673 1408 AppID - ok
09:35:46.0705 1408 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
09:35:46.0751 1408 AppIDSvc - ok
09:35:46.0783 1408 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
09:35:46.0829 1408 Appinfo - ok
09:35:46.0907 1408 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:35:46.0923 1408 Apple Mobile Device - ok
09:35:46.0954 1408 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
09:35:46.0970 1408 arc - ok
09:35:46.0985 1408 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
09:35:46.0985 1408 arcsas - ok
09:35:47.0032 1408 aswFsBlk (b9da213b5271db5fce962d827e6d620d) C:\Windows\system32\drivers\aswFsBlk.sys
09:35:47.0048 1408 aswFsBlk - ok
09:35:47.0048 1408 aswMonFlt (21c9835d0e5ad2ff0f16134bcb32cc71) C:\Windows\system32\drivers\aswMonFlt.sys
09:35:47.0063 1408 aswMonFlt - ok
09:35:47.0079 1408 aswRdr (1b96a5867abd4fa6135d8298fcccf9c6) C:\Windows\System32\Drivers\aswrdr2.sys
09:35:47.0095 1408 aswRdr - ok
09:35:47.0126 1408 aswSnx (6e98bb288696777a3a8a07a52b0eaee9) C:\Windows\system32\drivers\aswSnx.sys
09:35:47.0157 1408 aswSnx - ok
09:35:47.0188 1408 aswSP (d9fb49f16e4eb02efecae8cbfe4bcb4c) C:\Windows\system32\drivers\aswSP.sys
09:35:47.0219 1408 aswSP - ok
09:35:47.0219 1408 aswTdi (7352bb9a564b94bbd7c9cbf165f55006) C:\Windows\system32\drivers\aswTdi.sys
09:35:47.0235 1408 aswTdi - ok
09:35:47.0266 1408 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
09:35:47.0297 1408 AsyncMac - ok
09:35:47.0313 1408 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
09:35:47.0329 1408 atapi - ok
09:35:47.0344 1408 AtiHDAudioService (e02b26650acc2f4901342d4a66774ad7) C:\Windows\system32\drivers\AtihdW76.sys
09:35:47.0360 1408 AtiHDAudioService - ok
09:35:47.0391 1408 AtiHdmiService (77c149e6d702737b2e372dee166faef8) C:\Windows\system32\drivers\AtiHdmi.sys
09:35:47.0407 1408 AtiHdmiService - ok
09:35:47.0703 1408 atikmdag (60216b0e704584de6d5a9f59e9c34c47) C:\Windows\system32\DRIVERS\atikmdag.sys
09:35:47.0812 1408 atikmdag - ok
09:35:47.0953 1408 AtiPcie (db0d3de15edc96e7529fc0d3f7760894) C:\Windows\system32\DRIVERS\AtiPcie.sys
09:35:47.0968 1408 AtiPcie - ok
09:35:47.0999 1408 atksgt (fc0e8778c000291caf60eb88c011e931) C:\Windows\system32\DRIVERS\atksgt.sys
09:35:48.0015 1408 atksgt - ok
09:35:48.0062 1408 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
09:35:48.0109 1408 AudioEndpointBuilder - ok
09:35:48.0109 1408 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
09:35:48.0155 1408 AudioSrv - ok
09:35:48.0233 1408 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
09:35:48.0249 1408 avast! Antivirus - ok
09:35:48.0280 1408 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
09:35:48.0296 1408 AxInstSV - ok
09:35:48.0343 1408 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
09:35:48.0358 1408 b06bdrv - ok
09:35:48.0374 1408 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
09:35:48.0389 1408 b57nd60a - ok
09:35:48.0421 1408 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
09:35:48.0436 1408 BDESVC - ok
09:35:48.0452 1408 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
09:35:48.0499 1408 Beep - ok
09:35:48.0545 1408 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
09:35:48.0592 1408 BFE - ok
09:35:48.0639 1408 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
09:35:48.0686 1408 BITS - ok
09:35:48.0748 1408 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
09:35:48.0764 1408 blbdrive - ok
09:35:48.0826 1408 Bonjour Service (f2060a34c8a75bc24a9222eb4f8c07bd) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
09:35:48.0842 1408 Bonjour Service - ok
09:35:48.0857 1408 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
09:35:48.0873 1408 bowser - ok
09:35:48.0873 1408 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:35:48.0904 1408 BrFiltLo - ok
09:35:48.0904 1408 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:35:48.0920 1408 BrFiltUp - ok
09:35:48.0967 1408 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
09:35:48.0998 1408 Browser - ok
09:35:49.0045 1408 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
09:35:49.0060 1408 Brserid - ok
09:35:49.0060 1408 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
09:35:49.0091 1408 BrSerWdm - ok
09:35:49.0091 1408 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
09:35:49.0107 1408 BrUsbMdm - ok
09:35:49.0123 1408 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
09:35:49.0138 1408 BrUsbSer - ok
09:35:49.0154 1408 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
09:35:49.0169 1408 BTHMODEM - ok
09:35:49.0201 1408 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
09:35:49.0247 1408 bthserv - ok
09:35:49.0263 1408 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
09:35:49.0294 1408 cdfs - ok
09:35:49.0450 1408 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
09:35:49.0466 1408 cdrom - ok
09:35:49.0481 1408 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
09:35:49.0528 1408 CertPropSvc - ok
09:35:49.0559 1408 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
09:35:49.0575 1408 circlass - ok
09:35:49.0606 1408 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
09:35:49.0622 1408 CLFS - ok
09:35:49.0684 1408 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:35:49.0700 1408 clr_optimization_v2.0.50727_32 - ok
09:35:49.0731 1408 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:35:49.0747 1408 clr_optimization_v2.0.50727_64 - ok
09:35:49.0778 1408 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:35:49.0793 1408 clr_optimization_v4.0.30319_32 - ok
09:35:49.0809 1408 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:35:49.0825 1408 clr_optimization_v4.0.30319_64 - ok
09:35:49.0856 1408 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
09:35:49.0871 1408 CmBatt - ok
09:35:49.0887 1408 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
09:35:49.0903 1408 cmdide - ok
09:35:49.0918 1408 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
09:35:49.0949 1408 CNG - ok
09:35:49.0965 1408 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
09:35:49.0981 1408 Compbatt - ok
09:35:49.0996 1408 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
09:35:50.0012 1408 CompositeBus - ok
09:35:50.0012 1408 COMSysApp - ok
09:35:50.0027 1408 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
09:35:50.0043 1408 crcdisk - ok
09:35:50.0090 1408 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
09:35:50.0131 1408 CryptSvc - ok
09:35:50.0182 1408 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
09:35:50.0231 1408 DcomLaunch - ok
09:35:50.0273 1408 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
09:35:50.0317 1408 defragsvc - ok
09:35:50.0349 1408 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
09:35:50.0390 1408 DfsC - ok
09:35:50.0408 1408 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
09:35:50.0451 1408 Dhcp - ok
09:35:50.0478 1408 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
09:35:50.0518 1408 discache - ok
09:35:50.0528 1408 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
09:35:50.0542 1408 Disk - ok
09:35:50.0569 1408 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
09:35:50.0585 1408 Dnscache - ok
09:35:50.0622 1408 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
09:35:50.0666 1408 dot3svc - ok
09:35:50.0704 1408 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
09:35:50.0722 1408 Dot4 - ok
09:35:50.0737 1408 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
09:35:50.0755 1408 Dot4Print - ok
09:35:50.0762 1408 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
09:35:50.0780 1408 dot4usb - ok
09:35:50.0813 1408 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
09:35:50.0852 1408 DPS - ok
09:35:50.0866 1408 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
09:35:50.0883 1408 drmkaud - ok
09:35:50.0904 1408 dtsoftbus01 (d3d64cf7b2bceaa34a270f45a3fffb36) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
09:35:50.0919 1408 dtsoftbus01 - ok
09:35:50.0974 1408 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
09:35:51.0003 1408 DXGKrnl - ok
09:35:51.0058 1408 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
09:35:51.0093 1408 EapHost - ok
09:35:51.0258 1408 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
09:35:51.0307 1408 ebdrv - ok
09:35:51.0394 1408 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
09:35:51.0411 1408 EFS - ok
09:35:51.0493 1408 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
09:35:51.0518 1408 ehRecvr - ok
09:35:51.0551 1408 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
09:35:51.0567 1408 ehSched - ok
09:35:51.0643 1408 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
09:35:51.0665 1408 elxstor - ok
09:35:51.0688 1408 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
09:35:51.0703 1408 ErrDev - ok
09:35:51.0752 1408 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
09:35:51.0810 1408 EventSystem - ok
09:35:51.0826 1408 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
09:35:51.0869 1408 exfat - ok
09:35:51.0887 1408 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
09:35:51.0930 1408 fastfat - ok
09:35:51.0976 1408 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
09:35:51.0999 1408 Fax - ok
09:35:52.0036 1408 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
09:35:52.0050 1408 fdc - ok
09:35:52.0082 1408 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
09:35:52.0124 1408 fdPHost - ok
09:35:52.0131 1408 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
09:35:52.0173 1408 FDResPub - ok
09:35:52.0184 1408 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
09:35:52.0198 1408 FileInfo - ok
09:35:52.0208 1408 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
09:35:52.0249 1408 Filetrace - ok
09:35:52.0257 1408 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
09:35:52.0279 1408 flpydisk - ok
09:35:52.0312 1408 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
09:35:52.0330 1408 FltMgr - ok
09:35:52.0392 1408 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
09:35:52.0421 1408 FontCache - ok
09:35:52.0531 1408 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:35:52.0543 1408 FontCache3.0.0.0 - ok
09:35:52.0606 1408 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
09:35:52.0620 1408 FsDepends - ok
09:35:52.0643 1408 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
09:35:52.0657 1408 Fs_Rec - ok
09:35:52.0694 1408 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
09:35:52.0714 1408 fvevol - ok
09:35:52.0730 1408 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
09:35:52.0744 1408 gagp30kx - ok
09:35:52.0842 1408 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:35:52.0854 1408 GEARAspiWDM - ok
09:35:52.0890 1408 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
09:35:52.0940 1408 gpsvc - ok
09:35:53.0023 1408 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:35:53.0037 1408 gupdate - ok
09:35:53.0040 1408 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:35:53.0053 1408 gupdatem - ok
09:35:53.0077 1408 gusvc (751c1d2ca2abf4a9f5a6b8d7d45b907c) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
09:35:53.0092 1408 gusvc - ok
09:35:53.0121 1408 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
09:35:53.0135 1408 hcw85cir - ok
09:35:53.0175 1408 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
09:35:53.0196 1408 HdAudAddService - ok
09:35:53.0217 1408 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
09:35:53.0236 1408 HDAudBus - ok
09:35:53.0249 1408 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
09:35:53.0264 1408 HidBatt - ok
09:35:53.0281 1408 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
09:35:53.0300 1408 HidBth - ok
09:35:53.0312 1408 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
09:35:53.0330 1408 HidIr - ok
09:35:53.0359 1408 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
09:35:53.0402 1408 hidserv - ok
09:35:53.0417 1408 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
09:35:53.0432 1408 HidUsb - ok
09:35:53.0463 1408 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
09:35:53.0505 1408 hkmsvc - ok
09:35:53.0542 1408 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
09:35:53.0560 1408 HomeGroupListener - ok
09:35:53.0592 1408 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
09:35:53.0609 1408 HomeGroupProvider - ok
09:35:53.0625 1408 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
09:35:53.0640 1408 HpSAMD - ok
09:35:53.0687 1408 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
09:35:53.0734 1408 HTTP - ok
09:35:53.0750 1408 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
09:35:53.0750 1408 hwpolicy - ok
09:35:53.0781 1408 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
09:35:53.0796 1408 i8042prt - ok
09:35:53.0828 1408 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
09:35:53.0859 1408 iaStor - ok
09:35:53.0874 1408 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
09:35:53.0906 1408 iaStorV - ok
09:35:54.0030 1408 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:35:54.0062 1408 idsvc - ok
09:35:54.0094 1408 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
09:35:54.0108 1408 iirsp - ok
09:35:54.0160 1408 IJPLMSVC (e5e6a7d13bbc0f80b866d021f306bf6c) C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
09:35:54.0172 1408 IJPLMSVC - ok
09:35:54.0225 1408 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
09:35:54.0276 1408 IKEEXT - ok
09:35:54.0368 1408 IntcAzAudAddService (9aa6a93852e36fe76c3f7fc2904f3b01) C:\Windows\system32\drivers\RTKVHD64.sys
09:35:54.0410 1408 IntcAzAudAddService - ok
09:35:54.0532 1408 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
09:35:54.0546 1408 intelide - ok
09:35:54.0571 1408 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
09:35:54.0586 1408 intelppm - ok
09:35:54.0617 1408 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
09:35:54.0661 1408 IPBusEnum - ok
09:35:54.0692 1408 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:35:54.0732 1408 IpFilterDriver - ok
09:35:54.0761 1408 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
09:35:54.0809 1408 iphlpsvc - ok
09:35:54.0822 1408 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
09:35:54.0838 1408 IPMIDRV - ok
09:35:54.0855 1408 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
09:35:54.0897 1408 IPNAT - ok
09:35:54.0967 1408 iPod Service (a9e53e1a9c4274eebc00d36ae5ed40de) C:\Program Files\iPod\bin\iPodService.exe
09:35:54.0993 1408 iPod Service - ok
09:35:55.0019 1408 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
09:35:55.0038 1408 IRENUM - ok
09:35:55.0059 1408 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
09:35:55.0065 1408 isapnp - ok
09:35:55.0080 1408 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
09:35:55.0096 1408 iScsiPrt - ok
09:35:55.0127 1408 johci (bb851eda4211d8d013d93f361adb13b5) C:\Windows\system32\DRIVERS\johci.sys
09:35:55.0127 1408 johci - ok
09:35:55.0205 1408 jswpsapi (78d233d835a8876035ac559afe02b940) C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe
09:35:55.0236 1408 jswpsapi ( UnsignedFile.Multi.Generic ) - warning
09:35:55.0236 1408 jswpsapi - detected UnsignedFile.Multi.Generic (1)
09:35:55.0252 1408 JSWPSLWF (5be640e88814b77a9e84b4549b5dcc2c) C:\Windows\system32\DRIVERS\jswpslwfx.sys
09:35:55.0268 1408 JSWPSLWF - ok
09:35:55.0283 1408 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
09:35:55.0299 1408 kbdclass - ok
09:35:55.0299 1408 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
09:35:55.0314 1408 kbdhid - ok
09:35:55.0346 1408 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:35:55.0361 1408 KeyIso - ok
09:35:55.0377 1408 KMWDFILTER (a745d7d34b27c15d72f705fda762600d) C:\Windows\system32\DRIVERS\KMWDFILTER.sys
09:35:55.0392 1408 KMWDFILTER - ok
09:35:55.0408 1408 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
09:35:55.0424 1408 KSecDD - ok
09:35:55.0439 1408 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
09:35:55.0455 1408 KSecPkg - ok
09:35:55.0486 1408 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
09:35:55.0517 1408 ksthunk - ok
09:35:55.0548 1408 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
09:35:55.0595 1408 KtmRm - ok
09:35:55.0626 1408 L8042Kbd (f33c5d79d3273530e1892a0922283a7b) C:\Windows\system32\DRIVERS\L8042Kbd.sys
09:35:55.0642 1408 L8042Kbd - ok
09:35:55.0658 1408 L8042mou (a6fe2e63441094074f57243fb0fdb45a) C:\Windows\system32\DRIVERS\L8042mou.Sys
09:35:55.0673 1408 L8042mou - ok
09:35:55.0704 1408 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
09:35:55.0751 1408 LanmanServer - ok
09:35:55.0782 1408 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
09:35:55.0829 1408 LanmanWorkstation - ok
09:35:55.0923 1408 LBTServ (88e52495b47c67126b510af53fdb0bc7) C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
09:35:55.0938 1408 LBTServ - ok
09:35:55.0954 1408 LHidFilt (b6552d382ff070b4ed34cbd6737277c0) C:\Windows\system32\DRIVERS\LHidFilt.Sys
09:35:55.0970 1408 LHidFilt - ok
09:35:55.0985 1408 lirsgt (156ab2e56dc3ca0b582e3362e07cded7) C:\Windows\system32\DRIVERS\lirsgt.sys
09:35:56.0001 1408 lirsgt - ok
09:35:56.0032 1408 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
09:35:56.0079 1408 lltdio - ok
09:35:56.0110 1408 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
09:35:56.0157 1408 lltdsvc - ok
09:35:56.0172 1408 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
09:35:56.0204 1408 lmhosts - ok
09:35:56.0219 1408 LMouFilt (73c1f563ab73d459dffe682d66476558) C:\Windows\system32\DRIVERS\LMouFilt.Sys
09:35:56.0235 1408 LMouFilt - ok
09:35:56.0250 1408 LMouKE (f518c34c137348b7dbe5343acc646a1c) C:\Windows\system32\DRIVERS\LMouKE.Sys
09:35:56.0266 1408 LMouKE - ok
09:35:56.0282 1408 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
09:35:56.0297 1408 LSI_FC - ok
09:35:56.0297 1408 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
09:35:56.0313 1408 LSI_SAS - ok
09:35:56.0328 1408 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:35:56.0344 1408 LSI_SAS2 - ok
09:35:56.0375 1408 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:35:56.0391 1408 LSI_SCSI - ok
09:35:56.0406 1408 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
09:35:56.0453 1408 luafv - ok
09:35:56.0516 1408 mbmiodrvr (2e1652d8ab971403eaaddc921800b1fa) C:\Windows\syswow64\mbmiodrvr.sys
09:35:56.0516 1408 mbmiodrvr ( UnsignedFile.Multi.Generic ) - warning
09:35:56.0516 1408 mbmiodrvr - detected UnsignedFile.Multi.Generic (1)
09:35:56.0578 1408 McciCMService (e6cb119ef2e148eaa1a247343550756e) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
09:35:56.0594 1408 McciCMService ( UnsignedFile.Multi.Generic ) - warning
09:35:56.0594 1408 McciCMService - detected UnsignedFile.Multi.Generic (1)
09:35:56.0625 1408 McciCMService64 (be3d584d7c021eb7d89166eecb83c341) C:\Program Files\Common Files\Motive\McciCMService.exe
09:35:56.0640 1408 McciCMService64 ( UnsignedFile.Multi.Generic ) - warning
09:35:56.0640 1408 McciCMService64 - detected UnsignedFile.Multi.Generic (1)
09:35:56.0718 1408 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
09:35:56.0734 1408 Mcx2Svc - ok
09:35:56.0812 1408 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
09:35:56.0828 1408 megasas - ok
09:35:56.0859 1408 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
09:35:56.0874 1408 MegaSR - ok
09:35:56.0921 1408 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:35:56.0968 1408 MMCSS - ok
09:35:56.0968 1408 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
09:35:57.0015 1408 Modem - ok
09:35:57.0030 1408 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
09:35:57.0046 1408 monitor - ok
09:35:57.0062 1408 motmodem (e90aba3c6f01be2c456c4aa857b28646) C:\Windows\system32\DRIVERS\motmodem.sys
09:35:57.0077 1408 motmodem - ok
09:35:57.0108 1408 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
09:35:57.0124 1408 mouclass - ok
09:35:57.0140 1408 moufiltr (80db1a0d262c71dda698f4c20a7c19de) C:\Windows\system32\DRIVERS\moufiltr.sys
09:35:57.0155 1408 moufiltr - ok
09:35:57.0186 1408 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
09:35:57.0202 1408 mouhid - ok
09:35:57.0233 1408 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
09:35:57.0249 1408 mountmgr - ok
09:35:57.0264 1408 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
09:35:57.0280 1408 mpio - ok
09:35:57.0296 1408 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
09:35:57.0342 1408 mpsdrv - ok
09:35:57.0389 1408 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
09:35:57.0452 1408 MpsSvc - ok
09:35:57.0498 1408 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
09:35:57.0498 1408 MREMP50 ( UnsignedFile.Multi.Generic ) - warning
09:35:57.0498 1408 MREMP50 - detected UnsignedFile.Multi.Generic (1)
09:35:57.0514 1408 MREMP50a64 - ok
09:35:57.0514 1408 MREMPR5 - ok
09:35:57.0530 1408 MRENDIS5 - ok
09:35:57.0545 1408 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
09:35:57.0545 1408 MRESP50 ( UnsignedFile.Multi.Generic ) - warning
09:35:57.0545 1408 MRESP50 - detected UnsignedFile.Multi.Generic (1)
09:35:57.0545 1408 MRESP50a64 - ok
09:35:57.0592 1408 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
09:35:57.0608 1408 MRxDAV - ok
09:35:57.0639 1408 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
09:35:57.0654 1408 mrxsmb - ok
09:35:57.0670 1408 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:35:57.0686 1408 mrxsmb10 - ok
09:35:57.0701 1408 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:35:57.0717 1408 mrxsmb20 - ok
09:35:57.0732 1408 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
09:35:57.0732 1408 msahci - ok
09:35:57.0764 1408 MSCamSvc (41fb1d61df09c36ccab0b04eec66f6d5) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
09:35:57.0779 1408 MSCamSvc - ok
09:35:57.0810 1408 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
09:35:57.0826 1408 msdsm - ok
09:35:57.0857 1408 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
09:35:57.0873 1408 MSDTC - ok
09:35:57.0904 1408 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
09:35:57.0951 1408 Msfs - ok
09:35:57.0966 1408 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
09:35:57.0998 1408 mshidkmdf - ok
09:35:58.0013 1408 MSHUSBVideo (26668cc2920de2497a8e369b16e48ca3) C:\Windows\system32\Drivers\nx6000.sys
09:35:58.0029 1408 MSHUSBVideo - ok
09:35:58.0029 1408 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
09:35:58.0044 1408 msisadrv - ok
09:35:58.0091 1408 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
09:35:58.0122 1408 MSiSCSI - ok
09:35:58.0138 1408 msiserver - ok
09:35:58.0138 1408 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
09:35:58.0185 1408 MSKSSRV - ok
09:35:58.0200 1408 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
09:35:58.0232 1408 MSPCLOCK - ok
09:35:58.0247 1408 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
09:35:58.0278 1408 MSPQM - ok
09:35:58.0325 1408 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
09:35:58.0341 1408 MsRPC - ok
09:35:58.0356 1408 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
09:35:58.0372 1408 mssmbios - ok
09:35:58.0403 1408 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
09:35:58.0450 1408 MSTEE - ok
09:35:58.0450 1408 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
09:35:58.0466 1408 MTConfig - ok
09:35:58.0481 1408 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
09:35:58.0497 1408 Mup - ok
09:35:58.0544 1408 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
09:35:58.0590 1408 napagent - ok
09:35:58.0622 1408 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
09:35:58.0637 1408 NativeWifiP - ok
09:35:58.0684 1408 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
09:35:58.0700 1408 NDIS - ok
09:35:58.0715 1408 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
09:35:58.0762 1408 NdisCap - ok
09:35:58.0762 1408 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
09:35:58.0809 1408 NdisTapi - ok
09:35:58.0840 1408 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
09:35:58.0887 1408 Ndisuio - ok
09:35:58.0918 1408 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
09:35:58.0949 1408 NdisWan - ok
09:35:58.0980 1408 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
09:35:59.0027 1408 NDProxy - ok
09:35:59.0043 1408 Net Driver HPZ12 (dc6530a291d4bdf6df399f1f128e7f8f) C:\Windows\system32\HPZinw12.dll
09:35:59.0058 1408 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
09:35:59.0058 1408 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
09:35:59.0090 1408 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
09:35:59.0121 1408 NetBIOS - ok
09:35:59.0168 1408 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
09:35:59.0199 1408 NetBT - ok
09:35:59.0230 1408 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:35:59.0246 1408 Netlogon - ok
09:35:59.0277 1408 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
09:35:59.0324 1408 Netman - ok
09:35:59.0355 1408 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
09:35:59.0402 1408 netprofm - ok
09:35:59.0526 1408 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:35:59.0542 1408 NetTcpPortSharing - ok
09:35:59.0589 1408 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
09:35:59.0604 1408 nfrd960 - ok
09:35:59.0651 1408 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
09:35:59.0698 1408 NlaSvc - ok
09:35:59.0714 1408 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
09:35:59.0760 1408 Npfs - ok
09:35:59.0792 1408 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
09:35:59.0838 1408 nsi - ok
09:35:59.0838 1408 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
09:35:59.0885 1408 nsiproxy - ok
09:35:59.0948 1408 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
09:35:59.0994 1408 Ntfs - ok
09:36:00.0072 1408 NTIBackupSvc (973dcb15731339fca176e534055cf115) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
09:36:00.0088 1408 NTIBackupSvc - ok
09:36:00.0197 1408 NTIDrvr (7d397449aaf52b0e7c79b64f6ad4473e) C:\Windows\system32\Drivers\NTIDrvr.sys
09:36:00.0213 1408 NTIDrvr - ok
09:36:00.0228 1408 NTISchedulerSvc (58751f9248d50bce1053976c9e2f0859) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
09:36:00.0244 1408 NTISchedulerSvc - ok
09:36:00.0260 1408 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
09:36:00.0306 1408 Null - ok
09:36:00.0322 1408 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
09:36:00.0338 1408 nvraid - ok
09:36:00.0353 1408 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
09:36:00.0369 1408 nvstor - ok
09:36:00.0384 1408 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
09:36:00.0400 1408 nv_agp - ok
09:36:00.0494 1408 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:36:00.0509 1408 odserv - ok
09:36:00.0540 1408 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
09:36:00.0556 1408 ohci1394 - ok
09:36:00.0572 1408 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:36:00.0587 1408 ose - ok
09:36:00.0618 1408 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:36:00.0634 1408 p2pimsvc - ok
09:36:00.0665 1408 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
09:36:00.0681 1408 p2psvc - ok
09:36:00.0728 1408 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
09:36:00.0743 1408 Parport - ok
09:36:00.0759 1408 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
09:36:00.0774 1408 partmgr - ok
09:36:00.0790 1408 PCAMp50a64 (304e6ac43613a9c43896c4300009442b) C:\Windows\system32\Drivers\PCAMp50a64.sys
09:36:00.0806 1408 PCAMp50a64 - ok
09:36:00.0821 1408 PCASp50a64 (18b6869e23937175144e6f1d3cb85fc2) C:\Windows\system32\Drivers\PCASp50a64.sys
09:36:00.0821 1408 PCASp50a64 - ok
09:36:00.0868 1408 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
09:36:00.0884 1408 PcaSvc - ok
09:36:00.0915 1408 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
09:36:00.0930 1408 pci - ok
09:36:00.0946 1408 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
09:36:00.0962 1408 pciide - ok
09:36:00.0993 1408 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
09:36:01.0008 1408 pcmcia - ok
09:36:01.0024 1408 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
09:36:01.0040 1408 pcw - ok
09:36:01.0071 1408 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
09:36:01.0118 1408 PEAUTH - ok
09:36:01.0196 1408 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
09:36:01.0211 1408 PerfHost - ok
09:36:01.0336 1408 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
09:36:01.0398 1408 pla - ok
09:36:01.0430 1408 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
09:36:01.0445 1408 PlugPlay - ok
09:36:01.0461 1408 Pml Driver HPZ12 (71f62c51dfdfbc04c83c5c64b2b8058e) C:\Windows\system32\HPZipm12.dll
09:36:01.0476 1408 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
09:36:01.0476 1408 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
09:36:01.0492 1408 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
09:36:01.0508 1408 PNRPAutoReg - ok
09:36:01.0539 1408 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:36:01.0570 1408 PNRPsvc - ok
09:36:01.0601 1408 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
09:36:01.0648 1408 PolicyAgent - ok
09:36:01.0679 1408 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
09:36:01.0710 1408 Power - ok
09:36:01.0788 1408 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
09:36:01.0820 1408 PptpMiniport - ok
09:36:01.0851 1408 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
09:36:01.0866 1408 Processor - ok
09:36:01.0882 1408 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
09:36:01.0929 1408 ProfSvc - ok
09:36:01.0944 1408 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:36:01.0960 1408 ProtectedStorage - ok
09:36:01.0991 1408 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
09:36:02.0038 1408 Psched - ok
09:36:02.0116 1408 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
09:36:02.0147 1408 ql2300 - ok
09:36:02.0288 1408 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
09:36:02.0303 1408 ql40xx - ok
09:36:02.0334 1408 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
09:36:02.0350 1408 QWAVE - ok
09:36:02.0366 1408 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
09:36:02.0381 1408 QWAVEdrv - ok
09:36:02.0397 1408 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
09:36:02.0444 1408 RasAcd - ok
09:36:02.0475 1408 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:36:02.0522 1408 RasAgileVpn - ok
09:36:02.0522 1408 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
09:36:02.0568 1408 RasAuto - ok
09:36:02.0600 1408 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:36:02.0646 1408 Rasl2tp - ok
09:36:02.0678 1408 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
09:36:02.0724 1408 RasMan - ok
09:36:02.0756 1408 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
09:36:02.0802 1408 RasPppoe - ok
09:36:02.0802 1408 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
09:36:02.0849 1408 RasSstp - ok
09:36:02.0896 1408 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
09:36:02.0943 1408 rdbss - ok
09:36:02.0943 1408 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
09:36:02.0974 1408 rdpbus - ok
09:36:02.0974 1408 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:36:03.0021 1408 RDPCDD - ok
09:36:03.0036 1408 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
09:36:03.0068 1408 RDPENCDD - ok
09:36:03.0083 1408 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
09:36:03.0114 1408 RDPREFMP - ok
09:36:03.0146 1408 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
09:36:03.0161 1408 RDPWD - ok
09:36:03.0192 1408 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
09:36:03.0208 1408 rdyboost - ok
09:36:03.0286 1408 Realtek8185 (bbfcac1c23b867ae5d7ef96df40680c5) C:\Program Files (x86)\Realtek\RTL8185 Wireless LAN Utility\RtlService.exe
09:36:03.0286 1408 Realtek8185 ( UnsignedFile.Multi.Generic ) - warning
09:36:03.0286 1408 Realtek8185 - detected UnsignedFile.Multi.Generic (1)
09:36:03.0317 1408 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
09:36:03.0348 1408 RemoteAccess - ok
09:36:03.0380 1408 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
09:36:03.0426 1408 RemoteRegistry - ok
09:36:03.0442 1408 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
09:36:03.0489 1408 RpcEptMapper - ok
09:36:03.0520 1408 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
09:36:03.0536 1408 RpcLocator - ok
09:36:03.0598 1408 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
09:36:03.0645 1408 RpcSs - ok
09:36:03.0707 1408 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
09:36:03.0926 1408 rspndr - ok
09:36:04.0347 1408 RTL85n64 (b98c18b12856dc2a915cc63e5c7d61e7) C:\Windows\system32\DRIVERS\RTL85n64.sys
09:36:04.0378 1408 RTL85n64 - ok
09:36:04.0596 1408 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:36:04.0612 1408 SamSs - ok
09:36:04.0706 1408 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
09:36:04.0721 1408 sbp2port - ok
09:36:04.0877 1408 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
09:36:04.0924 1408 SCardSvr - ok
09:36:04.0971 1408 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
09:36:05.0018 1408 scfilter - ok
09:36:05.0486 1408 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
09:36:05.0548 1408 Schedule - ok
09:36:05.0595 1408 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
09:36:05.0642 1408 SCPolicySvc - ok
09:36:05.0782 1408 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
09:36:05.0798 1408 SDRSVC - ok
09:36:05.0844 1408 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
09:36:05.0891 1408 seclogon - ok
09:36:05.0938 1408 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
09:36:05.0985 1408 SENS - ok
09:36:06.0016 1408 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
09:36:06.0047 1408 SensrSvc - ok
09:36:06.0156 1408 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
09:36:06.0172 1408 Serenum - ok
09:36:06.0219 1408 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
09:36:06.0234 1408 Serial - ok
09:36:06.0329 1408 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
09:36:06.0344 1408 sermouse - ok
09:36:06.0474 1408 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
09:36:06.0517 1408 SessionEnv - ok
09:36:06.0556 1408 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
09:36:06.0570 1408 sffdisk - ok
09:36:06.0573 1408 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
09:36:06.0588 1408 sffp_mmc - ok
09:36:06.0612 1408 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
09:36:06.0630 1408 sffp_sd - ok
09:36:06.0667 1408 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
09:36:06.0682 1408 sfloppy - ok
09:36:06.0830 1408 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
09:36:06.0875 1408 SharedAccess - ok
09:36:07.0009 1408 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
09:36:07.0054 1408 ShellHWDetection - ok
09:36:07.0101 1408 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:36:07.0116 1408 SiSRaid2 - ok
09:36:07.0157 1408 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
09:36:07.0172 1408 SiSRaid4 - ok
09:36:07.0284 1408 SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files (x86)\Skype\Updater\Updater.exe
09:36:07.0300 1408 SkypeUpdate - ok
09:36:07.0362 1408 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
09:36:07.0393 1408 Smb - ok
09:36:07.0456 1408 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
09:36:07.0471 1408 SNMPTRAP - ok
09:36:07.0502 1408 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
09:36:07.0518 1408 spldr - ok
09:36:07.0658 1408 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
09:36:07.0705 1408 Spooler - ok
09:36:08.0782 1408 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
09:36:08.0860 1408 sppsvc - ok
09:36:09.0203 1408 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
09:36:09.0250 1408 sppuinotify - ok
09:36:09.0499 1408 sptd (34f974f8b3c86de03a30dcbe79091c97) C:\Windows\System32\Drivers\sptd.sys
09:36:09.0515 1408 sptd - ok
09:36:09.0562 1408 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
09:36:09.0577 1408 srv - ok
09:36:09.0733 1408 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
09:36:09.0764 1408 srv2 - ok
09:36:09.0827 1408 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
09:36:09.0842 1408 srvnet - ok
09:36:09.0920 1408 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
09:36:09.0967 1408 SSDPSRV - ok
09:36:10.0030 1408 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
09:36:10.0076 1408 SstpSvc - ok
09:36:10.0154 1408 Steam Client Service - ok
09:36:10.0217 1408 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
09:36:10.0232 1408 stexstor - ok
09:36:10.0420 1408 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
09:36:10.0451 1408 stisvc - ok
09:36:10.0482 1408 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
09:36:10.0498 1408 swenum - ok
09:36:10.0560 1408 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
09:36:10.0607 1408 swprv - ok
09:36:11.0371 1408 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
09:36:11.0402 1408 SysMain - ok
09:36:11.0636 1408 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
09:36:11.0668 1408 TabletInputService - ok
09:36:11.0730 1408 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
09:36:11.0777 1408 TapiSrv - ok
09:36:11.0839 1408 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
09:36:11.0886 1408 TBS - ok
09:36:12.0338 1408 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
09:36:12.0385 1408 Tcpip - ok
09:36:13.0400 1408 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
09:36:13.0442 1408 TCPIP6 - ok
09:36:13.0827 1408 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
09:36:13.0866 1408 tcpipreg - ok
09:36:13.0880 1408 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
09:36:13.0894 1408 TDPIPE - ok
09:36:13.0960 1408 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
09:36:13.0974 1408 TDTCP - ok
09:36:14.0022 1408 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
09:36:14.0064 1408 tdx - ok
09:36:14.0121 1408 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
09:36:14.0136 1408 TermDD - ok
09:36:14.0357 1408 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
09:36:14.0403 1408 TermService - ok
09:36:14.0450 1408 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
09:36:14.0481 1408 Themes - ok
09:36:14.0544 1408 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:36:14.0591 1408 THREADORDER - ok
09:36:14.0684 1408 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
09:36:14.0731 1408 TrkWks - ok
09:36:14.0856 1408 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
09:36:14.0907 1408 TrustedInstaller - ok
09:36:14.0977 1408 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
09:36:15.0017 1408 tssecsrv - ok
09:36:15.0074 1408 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
09:36:15.0088 1408 TsUsbFlt - ok
09:36:15.0157 1408 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
09:36:15.0197 1408 tunnel - ok
09:36:15.0242 1408 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
09:36:15.0257 1408 uagp35 - ok
09:36:15.0307 1408 UBHelper (00c8ce31657624a125fdb90efd554371) C:\Windows\system32\drivers\UBHelper.sys
09:36:15.0320 1408 UBHelper - ok
09:36:15.0419 1408 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
09:36:15.0463 1408 udfs - ok
09:36:15.0518 1408 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
09:36:15.0538 1408 UI0Detect - ok
09:36:15.0632 1408 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
09:36:15.0647 1408 uliagpkx - ok
09:36:15.0670 1408 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
09:36:15.0685 1408 umbus - ok
09:36:15.0714 1408 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
09:36:15.0729 1408 UmPass - ok
09:36:15.0827 1408 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
09:36:15.0859 1408 upnphost - ok
09:36:15.0922 1408 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys
09:36:15.0922 1408 USBAAPL64 - ok
09:36:16.0000 1408 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
09:36:16.0015 1408 usbaudio - ok
09:36:16.0078 1408 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
09:36:16.0093 1408 usbccgp - ok
09:36:16.0140 1408 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
09:36:16.0171 1408 usbcir - ok
09:36:16.0218 1408 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
09:36:16.0218 1408 usbehci - ok
09:36:16.0327 1408 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
09:36:16.0343 1408 usbhub - ok
09:36:16.0374 1408 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
09:36:16.0390 1408 usbohci - ok
09:36:16.0436 1408 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
09:36:16.0452 1408 usbprint - ok
09:36:16.0514 1408 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
09:36:16.0530 1408 usbscan - ok
09:36:16.0592 1408 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:36:16.0608 1408 USBSTOR - ok
09:36:16.0655 1408 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
09:36:16.0670 1408 usbuhci - ok
09:36:16.0811 1408 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
09:36:16.0842 1408 usbvideo - ok
09:36:16.0878 1408 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
09:36:16.0920 1408 UxSms - ok
09:36:17.0014 1408 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:36:17.0030 1408 VaultSvc - ok
09:36:17.0110 1408 VClone (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys
09:36:17.0124 1408 VClone - ok
09:36:17.0144 1408 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
09:36:17.0159 1408 vdrvroot - ok
09:36:17.0361 1408 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
09:36:17.0410 1408 vds - ok
09:36:17.0462 1408 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
09:36:17.0480 1408 vga - ok
09:36:17.0506 1408 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
09:36:17.0547 1408 VgaSave - ok
09:36:17.0772 1408 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
09:36:17.0789 1408 vhdmp - ok
09:36:17.0848 1408 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
09:36:17.0862 1408 viaide - ok
09:36:17.0972 1408 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
09:36:17.0986 1408 volmgr - ok
09:36:18.0151 1408 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
09:36:18.0170 1408 volmgrx - ok
09:36:18.0314 1408 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
09:36:18.0330 1408 volsnap - ok
09:36:18.0564 1408 vpnagent (e4d2305ebb9de0871a1e13294d0f349b) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
09:36:18.0579 1408 vpnagent - ok
09:36:18.0626 1408 vpnva (0e4df91e83da5739ffb18535d4db10aa) C:\Windows\system32\DRIVERS\vpnva64.sys
09:36:18.0642 1408 vpnva - ok
09:36:18.0782 1408 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
09:36:18.0798 1408 vsmraid - ok
09:36:19.0454 1408 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
09:36:19.0514 1408 VSS - ok
09:36:19.0798 1408 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
09:36:19.0816 1408 vwifibus - ok
09:36:19.0925 1408 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
09:36:19.0956 1408 vwififlt - ok
09:36:20.0096 1408 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
09:36:20.0143 1408 W32Time - ok
09:36:20.0174 1408 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
09:36:20.0190 1408 WacomPen - ok
09:36:20.0221 1408 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
09:36:20.0252 1408 WANARP - ok
09:36:20.0268 1408 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
09:36:20.0299 1408 Wanarpv6 - ok
09:36:20.0362 1408 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
09:36:20.0393 1408 WatAdminSvc - ok
09:36:20.0471 1408 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
09:36:20.0502 1408 wbengine - ok
09:36:20.0611 1408 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
09:36:20.0642 1408 WbioSrvc - ok
09:36:20.0674 1408 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
09:36:20.0705 1408 wcncsvc - ok
09:36:30.0754 1408 ============================================================
09:36:30.0769 1408 Scan finished
09:36:30.0769 1408 ============================================================
09:36:30.0769 3840 Detected object count: 9
09:36:30.0769 3840 Actual detected object count: 9
09:37:12.0928 3840 jswpsapi ( UnsignedFile.Multi.Generic ) - skipped by user
09:37:12.0928 3840 jswpsapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:37:12.0929 3840 mbmiodrvr ( UnsignedFile.Multi.Generic ) - skipped by user
09:37:12.0930 3840 mbmiodrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:37:12.0932 3840 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
09:37:12.0932 3840 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:37:12.0934 3840 McciCMService64 ( UnsignedFile.Multi.Generic ) - skipped by user
09:37:12.0934 3840 McciCMService64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:37:12.0935 3840 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
09:37:12.0935 3840 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:37:12.0937 3840 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
09:37:12.0937 3840 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:37:12.0939 3840 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
09:37:12.0939 3840 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:37:12.0940 3840 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
09:37:12.0940 3840 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:37:12.0942 3840 Realtek8185 ( UnsignedFile.Multi.Generic ) - skipped by user
09:37:12.0942 3840 Realtek8185 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:39:20.0300 3656 Deinitialize success




All processes killed
========== OTL ==========
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/JavaPlugin\ deleted successfully.
C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\content folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\content folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\content folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\content folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll moved successfully.
C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\$talisma_url$\ deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {B805D226-4CA5-499C-A8CA-3E61CF947A5D}
C:\Windows\Downloaded Program Files\FileViewer.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{B805D226-4CA5-499C-A8CA-3E61CF947A5D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B805D226-4CA5-499C-A8CA-3E61CF947A5D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{B805D226-4CA5-499C-A8CA-3E61CF947A5D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B805D226-4CA5-499C-A8CA-3E61CF947A5D}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\Windows\SysWOW64\MPK\MPK.exe deleted successfully.
C:\Users\Paul Florek\AppData\Roaming\StreamTorrent\1.0\config folder moved successfully.
C:\Users\Paul Florek\AppData\Roaming\StreamTorrent\1.0 folder moved successfully.
C:\Users\Paul Florek\AppData\Roaming\StreamTorrent folder moved successfully.
C:\Users\Paul Florek\AppData\Roaming\uTorrent\dlimagecache folder moved successfully.
C:\Users\Paul Florek\AppData\Roaming\uTorrent\apps folder moved successfully.
C:\Users\Paul Florek\AppData\Roaming\uTorrent folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Paul Florek\Downloads\cmd.bat deleted successfully.
C:\Users\Paul Florek\Downloads\cmd.txt deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Paul Florek
->Temp folder emptied: 120380315 bytes
->Temporary Internet Files folder emptied: 12547859 bytes
->Java cache emptied: 2460622 bytes
->FireFox cache emptied: 52905987 bytes
->Google Chrome cache emptied: 376386831 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 23349026 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 356352 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 71383608 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33237 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 119119 bytes
RecycleBin emptied: 731912137 bytes

Total Files Cleaned = 1,327.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.43.0 log created on 05142012_092420

Files\Folders moved on Reboot...
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} folder moved successfully.
C:\Users\Paul Florek\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

#8
CompCav

I think we need a deeper look with a stronger tool:

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

Double click on ComboFix.exe & follow the prompts.
Accept the disclaimer and allow it to update if it asks.

When finished, it produces a log for you.
Please include the C:\ComboFix.txt in your next reply.



Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the ComboFix log in your next reply, and describe how your computer is running now.

After the run you may have internet problems or problems accessing something. Simply reboot the computer.

#9
pflo

Combofix rebooted my computer. Says it has been preparing a log report and to not run any programs until finished. But it has been stuck like that for thirty minutes... posting from my phone. Let me know what I should do. Thanks!

#10
CompCav

Did your antivirus re-engage? That can cause a delay. If it is still not done, then you can stop it.

If you are having trouble stopping it use Task Manager to end the combofix.exe process. Then look for the file at C:\Combofix.txt and copy/paste it here.

#11
pflo

My antivirus did not re-engage. So when I tried to kill it, it restarted my computer. There was no txt file. Same long loading time and slow circle of waiting on opening new webpages etc. Tried to run it again, just freezes my computer. Let me know what I should do.

#12
CompCav

Sorry it is being so stubborn!

Keep your antivirus, antispyware, and any 3rd party firewall turned off.


Then enter safe mode with networking. (Reboot and press F8 and select Safe Mode with Networking)

Then run combofix following all the original instructions I posted with one exception: you need to be around when it reboots to finish so that you can reboot it into safe mode with networking.

Once it is done please post ComboFix.txt.

#13
pflo

My computer just keeps running Windows repair and not fixing anything when I try... my computer hates me...

#14
CompCav

Can you get into normal or safe mode?

or

Is it booting to windows repair and not letting you do anything else?


What menu do you see if you begin tapping F8 to get to the choices?

#15
pflo

When it restarts from combofix stuff, it goes straight to Windows repair. If I power off with the power button I can get into safe mode and normal mode. If I tap F8 I get the regular safe mode menu.