
RunDLL-Specified module could not be found [Solved] [Closed]


  • This topic is locked

#1
cazzaren

  • Member
  • 17 posts
similar url http://www.geekstogo...d-not-be-found/

What should I do? When I start my computer and it gets to the desktop it says RunDLL - Specified module could not be found, and then a lot of my programs start going stupid and crashing out or stop working suddenly or take multiple times to open. I ran an OTL (old timer list malware scan thingy) full scan and got this,
  • 0



#2
cazzaren

  • Topic Starter
  • Member
  • 17 posts
pt 1

Attached Files

  • Attached File  otl1.txt   674.37KB   40 downloads

  • 0

#3
cazzaren

  • Topic Starter
  • Member
  • 17 posts
OTL part 2 and the extras it added

Attached Files


  • 0

#4
Essexboy

  • GeekU Moderator
  • Retired Staff
  • 69,964 posts
Hi, I am sorry to say that the system is a bit of a mess. You have multiple adware programmes running along with three antivirus programmes: McAfee, Norton and AVG. Let me know which ONE you wish to keep and I will help you remove the others.

There is also a possible Zero Access infection or TDL 4 MBR.

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://www.mywebsear...r={searchTerms}
    IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2502906
    IE - HKU\S-1-5-21-175881499-112973798-2488208640-1000\..\URLSearchHook: {03f38c00-dda9-46bf-9475-c6997746c740} - C:\Program Files (x86)\ViralTube3\prxtbVira.dll (Conduit Ltd.)
    IE - HKU\S-1-5-21-175881499-112973798-2488208640-1000\..\URLSearchHook: {a8625cb7-85fe-4936-92a4-b2a7c925209e} - No CLSID value found
    IE - HKU\S-1-5-21-175881499-112973798-2488208640-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
    IE - HKU\S-1-5-21-175881499-112973798-2488208640-1000\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://www.mywebsear...r={searchTerms}
    IE - HKU\S-1-5-21-175881499-112973798-2488208640-1000\..\SearchScopes\{F3A9A23D-1FDA-4C83-91F5-689334FFB42D}: "URL" = http://websearch.ask...31-EF1CFA815DE3
    [2012/02/20 22:58:47 | 000,000,000 | ---D | M] (BasicScan) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}
    [2012/05/04 21:33:09 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2012/02/20 22:55:13 | 000,000,000 | ---D | M] (z) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{b824a053-08ff-06f4-2eb3-683a01065bdc}
    O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
    O4 - HKU\.DEFAULT..\Run: [Update] C:\Users\Donna\AppData\Roaming\Adobe\Adobe\vmvsz.dll (Apple Inc.)
    O4 - HKU\S-1-5-18..\Run: [Update] C:\Users\Donna\AppData\Roaming\Adobe\Adobe\vmvsz.dll (Apple Inc.)
    O4 - HKU\S-1-5-20..\Run: [Update] C:\Users\Donna\AppData\Roaming\Adobe\Adobe\vmvsz.dll (Apple Inc.)
    O4 - HKU\S-1-5-21-175881499-112973798-2488208640-1000..\Run: [Update] C:\Users\Donna\AppData\Roaming\Adobe\Adobe\vmvsz.dll (Apple Inc.)
    O4 - HKU\S-1-5-21-175881499-112973798-2488208640-1001..\Run: [Update] C:\Users\Donna\AppData\Roaming\Adobe\Adobe\vmvsz.dll (Apple Inc.)
    O33 - MountPoints2\{37c450ff-3451-11df-adbc-0024e8103d4c}\Shell\AutoRun\command - "" = G:\RECYCLER\usbassist.exe
    O33 - MountPoints2\{37c450ff-3451-11df-adbc-0024e8103d4c}\Shell\opEN\CoMmanD - "" = G:\RECYCLER\usbassist.exe
    O33 - MountPoints2\{41df2317-6079-11df-acb2-806e6f6e6963}\Shell\AutoRun\command - "" = H:\MI.exe
    O33 - MountPoints2\{ff428a9f-5a9f-11de-b89a-0024e8103d4c}\Shell\AutoRun\command - "" = G:\RECYCLER\usbassist.exe
    O33 - MountPoints2\{ff428a9f-5a9f-11de-b89a-0024e8103d4c}\Shell\opEN\CoMmanD - "" = G:\RECYCLER\usbassist.exe
    O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\MI.exe
    [2012/04/06 23:42:11 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\Babylon
    [2012/04/06 23:42:08 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Babylon
    [2012/04/06 23:42:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
    [2012/04/06 23:41:57 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
    [2012/04/02 13:55:49 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\svchost.exe
    [2012/03/16 22:01:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FunWebProducts
    [2012/02/20 22:56:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PricePeep
    [2012/02/20 22:56:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhiteSmokeTranslator
    [2012/02/20 22:56:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WhiteSmokeTranslator
    [2012/02/20 22:54:46 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\blinkx beat
    [2012/02/20 22:54:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Blinkx
    [2012/02/20 22:54:12 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\Wajam
    [2012/02/20 22:54:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wajam
    [2010/11/26 03:22:28 | 000,458,752 | ---- | C] (blinkx) -- C:\Windows\SysWow64\ssblinkx.scr
    [2010/11/26 03:22:28 | 000,458,752 | ---- | C] (blinkx) -- C:\Windows\SysNative\ssblinkx.scr

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.



Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

AND FINALLY

Download aswMBR.exe ( 4.8mb ) to your desktop.
Double click the aswMBR.exe to run it.
Click the "Scan" button to start the scan.

On completion of the scan click save log, save it to your desktop and post it in your next reply.
  • 0
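The entries in the fix script above fall into a few recognisable persistence patterns. The following Python triage is an added example, not part of the original thread and not OTL's or the helper's own logic: it parses OTL-style lines and flags Run values that point at a DLL in a user profile (DLL autostarts go through rundll32, the program behind the thread's "RunDLL" error), MountPoints2 shell commands that launch an executable, `svchost.exe` outside the system folders, and `\\.\globalroot` process paths. The rule names, the regular expressions (inferred from the line layout visible on this page) and the `C:\Windows` system root (taken from the posted quick-scan log) are assumptions.

```python
import re
from typing import List, NamedTuple


class Finding(NamedTuple):
    line_no: int  # 1-based position in the input
    rule: str     # hypothetical rule name, chosen for this example
    target: str   # file path the log entry points at


# Lines copied from this thread (fix script in post #4, quick-scan log in post #7).
SAMPLE_LINES = [
    r"O4 - HKU\S-1-5-18..\Run: [Update] C:\Users\Donna\AppData\Roaming\Adobe\Adobe\vmvsz.dll (Apple Inc.)",
    r'O33 - MountPoints2\{37c450ff-3451-11df-adbc-0024e8103d4c}\Shell\opEN\CoMmanD - "" = G:\RECYCLER\usbassist.exe',
    r'O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\MI.exe',
    r"[2012/04/02 13:55:49 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\svchost.exe",
    r"PRC - [2009/10/09 16:56:13 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe",
    r"PRC - [2012/05/08 22:04:54 | 001,240,048 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe",
    r"O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)",
]

EXEC_EXT = (".exe", ".com", ".scr", ".bat", ".cmd", ".pif")
# %SystemRoot% is C:\Windows in the posted log; 32-bit OTL shows the 64-bit
# System32 folder as SysNative.
SVCHOST_DIRS = {
    r"c:\windows\system32",
    r"c:\windows\syswow64",
    r"c:\windows\sysnative",
}

# Assumed line layouts, inferred from the entries on this page.
O4_RUN = re.compile(r"^O4 - .+?\\Run: \[[^\]]*\] (?P<target>.+)$")
O33_CMD = re.compile(
    r'^O33 - MountPoints2\\.+?\\Shell\\[^\\]+\\command - "" = (?P<target>.+)$',
    re.IGNORECASE,  # the log itself contains "opEN\CoMmanD"
)
FILE_ENTRY = re.compile(
    r"^(?:[A-Z]{3} - )?\[[^\]]+\](?: \([^)]*\))? -- (?P<target>.+)$"
)
TRAILING_COMPANY = re.compile(r"\s+\([^()]*\)$")


def strip_company(target: str) -> str:
    """Drop the trailing ' (Company Name)' that OTL appends to a path."""
    return TRAILING_COMPANY.sub("", target.strip())


def triage(lines: List[str]) -> List[Finding]:
    """Return one Finding per rule hit; lines matching no layout are ignored."""
    findings: List[Finding] = []
    for no, raw in enumerate(lines, start=1):
        line = raw.strip()

        m = O4_RUN.match(line)
        if m:
            path = strip_company(m["target"])
            low = path.lower()
            # A DLL cannot start on its own, so a Run value resolving to one
            # in a user profile deserves a look.
            if low.endswith(".dll") and "\\appdata\\" in low:
                findings.append(Finding(no, "run-key-dll-in-profile", path))
            continue

        m = O33_CMD.match(line)
        if m:
            path = m["target"].strip()
            # Cached shell commands for a volume that launch an executable.
            if path.lower().endswith(EXEC_EXT):
                findings.append(Finding(no, "mountpoint-autorun-exe", path))
            continue

        m = FILE_ENTRY.match(line)
        if m:
            path = m["target"].strip()
            low = path.lower()
            directory, _, name = low.rpartition("\\")
            if low.startswith("\\\\.\\globalroot\\"):
                findings.append(Finding(no, "device-namespace-path", path))
            if name == "svchost.exe" and directory not in SVCHOST_DIRS:
                findings.append(Finding(no, "svchost-outside-system32", path))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LINES):
        print(f"line {f.line_no}: {f.rule}: {f.target}")
```

A hit is a reason to inspect the entry, not a verdict; the Chrome process and the Wajam BHO line produce no finding here because none of these four rules covers them.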

#5
cazzaren

  • Topic Starter
  • Member
  • 17 posts

I would like to keep McAfee, or whichever is better protection.
  • 0

#6
cazzaren

  • Topic Starter
  • Member
  • 17 posts
I started the fix and around the time it got to delete temp it stopped working and Windows closed the program. When I reopened OTL it had a log stating that C:\Windows\SysNative\ssblinkx.scr and C:\Windows\System32\drivers\etc\Hosts failed to move or delete. So I re-ran the whole process as said and it finished, rebooted, and opened with this log,

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry value HKEY_USERS\S-1-5-21-175881499-112973798-2488208640-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{03f38c00-dda9-46bf-9475-c6997746c740} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03f38c00-dda9-46bf-9475-c6997746c740}\ not found.
File C:\Program Files (x86)\ViralTube3\prxtbVira.dll not found.
Registry value HKEY_USERS\S-1-5-21-175881499-112973798-2488208640-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{a8625cb7-85fe-4936-92a4-b2a7c925209e} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a8625cb7-85fe-4936-92a4-b2a7c925209e}\ not found.
HKEY_USERS\S-1-5-21-175881499-112973798-2488208640-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-175881499-112973798-2488208640-1000\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ not found.
Registry key HKEY_USERS\S-1-5-21-175881499-112973798-2488208640-1000\Software\Microsoft\Internet Explorer\SearchScopes\{F3A9A23D-1FDA-4C83-91F5-689334FFB42D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3A9A23D-1FDA-4C83-91F5-689334FFB42D}\ not found.
Folder C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\ not found.
Folder C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\ not found.
Folder C:\Program Files (x86)\Mozilla Firefox\extensions\{b824a053-08ff-06f4-2eb3-683a01065bdc}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}\ not found.
File C:\Program Files (x86)\Wajam\IE\priam_bho.dll not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Update not found.
File C:\Users\Donna\AppData\Roaming\Adobe\Adobe\vmvsz.dll not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Update not found.
File C:\Users\Donna\AppData\Roaming\Adobe\Adobe\vmvsz.dll not found.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\Update not found.
File C:\Users\Donna\AppData\Roaming\Adobe\Adobe\vmvsz.dll not found.
Registry value HKEY_USERS\S-1-5-21-175881499-112973798-2488208640-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Update not found.
File C:\Users\Donna\AppData\Roaming\Adobe\Adobe\vmvsz.dll not found.
Registry value HKEY_USERS\S-1-5-21-175881499-112973798-2488208640-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Update not found.
File C:\Users\Donna\AppData\Roaming\Adobe\Adobe\vmvsz.dll not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{37c450ff-3451-11df-adbc-0024e8103d4c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37c450ff-3451-11df-adbc-0024e8103d4c}\ not found.
File G:\RECYCLER\usbassist.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{37c450ff-3451-11df-adbc-0024e8103d4c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37c450ff-3451-11df-adbc-0024e8103d4c}\ not found.
File G:\RECYCLER\usbassist.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{41df2317-6079-11df-acb2-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41df2317-6079-11df-acb2-806e6f6e6963}\ not found.
File H:\MI.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ff428a9f-5a9f-11de-b89a-0024e8103d4c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ff428a9f-5a9f-11de-b89a-0024e8103d4c}\ not found.
File G:\RECYCLER\usbassist.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ff428a9f-5a9f-11de-b89a-0024e8103d4c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ff428a9f-5a9f-11de-b89a-0024e8103d4c}\ not found.
File G:\RECYCLER\usbassist.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ not found.
File G:\MI.exe not found.
Folder C:\Users\Donna\AppData\Local\Babylon\ not found.
Folder C:\Users\Donna\AppData\Roaming\Babylon\ not found.
Folder C:\ProgramData\Babylon\ not found.
Folder C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\ not found.
File C:\Windows\svchost.exe not found.
Folder C:\Program Files (x86)\FunWebProducts\ not found.
Folder C:\Program Files (x86)\PricePeep\ not found.
Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhiteSmokeTranslator\ not found.
Folder C:\Program Files (x86)\WhiteSmokeTranslator\ not found.
Folder C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\blinkx beat\ not found.
Folder C:\Program Files (x86)\Blinkx\ not found.
Folder C:\Users\Donna\AppData\Local\Wajam\ not found.
Folder C:\Program Files (x86)\Wajam\ not found.
File C:\Windows\SysWow64\ssblinkx.scr not found.
File move failed. C:\Windows\SysNative\ssblinkx.scr scheduled to be moved on reboot.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Donna\Downloads\cmd.bat deleted successfully.
C:\Users\Donna\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Donna
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 645931398 bytes
->Java cache emptied: 35965529 bytes
->FireFox cache emptied: 50857308 bytes
->Google Chrome cache emptied: 353848707 bytes
->Flash cache emptied: 8212832 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 462715148 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33237 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,485.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.43.0 log created on 05192012_154300

Files\Folders moved on Reboot...
File move failed. C:\Windows\SysNative\ssblinkx.scr scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

Registry entries deleted on Reboot...


  • 0

#7
cazzaren

  • Topic Starter
  • Member
  • 17 posts
I just did a quick scan and got,

OTL logfile created on: 5/19/2012 4:00:48 PM - Run 2
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Donna\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 30.41% Memory free
5.72 Gb Paging File | 2.85 Gb Available in Paging File | 49.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 160.82 Gb Free Space | 56.75% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 13.60 Gb Free Space | 92.83% Space Free | Partition Type: NTFS

Computer Name: ELEBYFAMILY-PC | User Name: Donna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/18 19:30:55 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Donna\Downloads\OTL.com
PRC - [2012/05/17 19:08:10 | 000,935,480 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
PRC - [2012/05/17 19:08:06 | 001,104,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012/05/08 22:04:54 | 001,240,048 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/04/29 00:03:58 | 002,647,664 | ---- | M] (GamersFirst) -- C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
PRC - [2012/04/28 19:55:11 | 000,549,744 | ---- | M] () -- C:\ProgramData\UpdaterService\wsupdsvc.exe
PRC - [2012/03/16 21:04:18 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbarsvc.exe
PRC - [2012/03/16 21:04:18 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbrmon.exe
PRC - [2012/01/19 01:50:51 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/01/18 19:18:25 | 003,082,320 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2012/01/03 17:31:34 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
PRC - [2011/10/15 03:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/04/23 22:17:26 | 001,994,936 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
PRC - [2011/04/23 22:17:26 | 000,098,488 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
PRC - [2011/04/23 22:17:08 | 002,412,728 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/09/13 08:56:02 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/02/11 11:00:12 | 003,280,896 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/11/13 17:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/11/04 16:31:02 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
PRC - [2009/10/09 16:56:13 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/03/10 14:33:30 | 003,033,944 | ---- | M] () -- C:\Program Files (x86)\Dell Touch Zone\fingertapps.exe
PRC - [2009/01/29 12:13:20 | 000,252,248 | ---- | M] () -- C:\Program Files (x86)\NextWindow\NextWindowGSA.exe
PRC - [2009/01/08 15:00:44 | 000,516,096 | ---- | M] (Dell Corporation) -- C:\Program Files (x86)\DELL\OSD\AIO_OSD.exe
PRC - [2008/12/22 15:59:12 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\DELL\OSD\OSDSvr.exe
PRC - [2008/12/17 23:27:22 | 004,823,928 | ---- | M] (Dell Inc. and SightSpeed Inc.) -- C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe
PRC - [2008/12/16 21:14:42 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/12/16 21:14:42 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/05/23 14:06:08 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/18 03:54:52 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
MOD - [2012/05/18 03:51:45 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\24556241d64589a6b95b7eaa7432295b\System.Web.Services.ni.dll
MOD - [2012/05/18 03:51:09 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012/05/18 03:44:13 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/05/18 03:43:40 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4d54640bacd18e047a4573cb4611bd3\System.Windows.Forms.ni.dll
MOD - [2012/05/18 03:43:26 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5d8696f15e49aedf883dd945806a7049\System.Drawing.ni.dll
MOD - [2012/05/18 03:41:56 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/05/18 03:41:32 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012/05/17 19:08:15 | 000,132,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll
MOD - [2012/05/17 19:08:06 | 001,104,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012/05/08 22:04:52 | 000,441,840 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppgooglenaclpluginchrome.dll
MOD - [2012/05/08 22:04:51 | 003,921,904 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll
MOD - [2012/05/08 22:03:36 | 000,553,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\libglesv2.dll
MOD - [2012/05/08 22:03:35 | 000,117,744 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\libegl.dll
MOD - [2012/05/08 22:03:25 | 000,134,656 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avutil-51.dll
MOD - [2012/05/08 22:03:24 | 000,250,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avformat-54.dll
MOD - [2012/05/08 22:03:23 | 002,375,680 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avcodec-54.dll
MOD - [2012/05/08 21:09:13 | 008,743,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
MOD - [2012/01/18 19:18:25 | 003,082,320 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2011/04/23 22:18:10 | 000,100,208 | ---- | M] () -- C:\Windows\SysWOW64\FAIEExtension.dll
MOD - [2011/04/23 22:17:32 | 000,062,136 | ---- | M] () -- C:\Windows\SysWOW64\FAib.dll
MOD - [2011/04/23 22:16:44 | 000,250,552 | ---- | M] () -- C:\Windows\SysWOW64\FACrashRpt.dll
MOD - [2011/01/07 12:40:30 | 015,988,224 | ---- | M] () -- C:\Program Files (x86)\GamersFirst\LIVE!\libcef.dll
MOD - [2010/02/11 11:00:12 | 003,280,896 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
MOD - [2009/11/13 17:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2009/11/13 17:15:00 | 000,275,696 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
MOD - [2009/11/13 17:15:00 | 000,152,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2009/11/13 17:15:00 | 000,095,472 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
MOD - [2009/11/13 17:15:00 | 000,017,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll
MOD - [2009/09/03 12:15:48 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvcLib.dll
MOD - [2009/03/10 14:33:30 | 003,033,944 | ---- | M] () -- C:\Program Files (x86)\Dell Touch Zone\fingertapps.exe
MOD - [2009/01/29 12:13:20 | 000,252,248 | ---- | M] () -- C:\Program Files (x86)\NextWindow\NextWindowGSA.exe
MOD - [2008/12/17 23:24:14 | 006,510,416 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtGui4.dll
MOD - [2008/12/17 23:24:14 | 001,657,168 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtCore4.dll
MOD - [2008/12/17 23:24:14 | 000,396,112 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtOpenGL4.dll
MOD - [2008/12/17 23:24:14 | 000,366,928 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtNetwork4.dll
MOD - [2008/12/17 23:24:14 | 000,027,472 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\SDL.dll
MOD - [2008/11/03 09:54:00 | 000,058,608 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/05/31 20:32:58 | 000,244,840 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2010/05/31 20:32:58 | 000,199,032 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2010/05/31 20:32:58 | 000,148,520 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2010/04/15 09:45:10 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2009/01/07 05:15:56 | 000,088,576 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/05/17 19:08:10 | 000,935,480 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0)
SRV - [2012/05/04 21:33:09 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/28 19:55:11 | 000,549,744 | ---- | M] () [Auto | Running] -- C:\ProgramData\UpdaterService\wsupdsvc.exe -- (UpdaterService)
SRV - [2012/03/16 21:04:18 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbarsvc.exe -- (GamingWonderlandService)
SRV - [2012/01/19 01:50:51 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/15 03:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/04/23 22:17:08 | 002,412,728 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService)
SRV - [2010/06/12 09:52:30 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/11/04 16:31:02 | 000,278,528 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe -- (WSWNDA3100)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/12/22 15:59:12 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\DELL\OSD\OSDSvr.exe -- (FOXOSDService)
SRV - [2008/12/16 21:14:42 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/02/29 08:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2010/05/31 20:32:58 | 000,528,616 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2010/05/31 20:32:58 | 000,440,688 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2010/05/31 20:32:58 | 000,279,752 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2010/05/31 20:32:58 | 000,189,880 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2010/05/31 20:32:58 | 000,121,504 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2010/05/31 20:32:58 | 000,093,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2010/05/31 20:32:58 | 000,075,288 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2010/05/31 20:32:58 | 000,062,416 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2009/11/24 19:33:50 | 000,028,264 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\NVAMACPI.sys -- (nvamacpi)
DRV:64bit: - [2009/10/20 11:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\npf.sys -- (NPF)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/05/05 13:09:46 | 000,789,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bcmwlhigh664.sys -- (BCMH43XX)
DRV:64bit: - [2009/04/11 00:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/04/08 15:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2009/01/07 05:25:52 | 000,252,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2008/11/28 09:31:02 | 000,015,448 | ---- | M] (Foxconn Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\FxOSDdrv64.sys -- (FXOSDDRV)
DRV:64bit: - [2008/10/01 17:44:06 | 000,026,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\jswpslwfx.sys -- (JSWPSLWF)
DRV:64bit: - [2008/09/24 19:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\facap.sys -- (FACAP)
DRV:64bit: - [2008/01/20 21:46:55 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel®
DRV:64bit: - [2007/11/14 03:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2007/01/19 19:24:24 | 000,025,312 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\scmndisp.sys -- (SCMNdisP)
DRV:64bit: - [2006/11/28 22:46:20 | 000,043,328 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\PCAMp50a64.sys -- (PCAMp50a64)
DRV:64bit: - [2006/11/28 22:46:20 | 000,041,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\PCASp50a64.sys -- (PCASp50a64)
DRV:64bit: - [2006/11/02 02:48:50 | 002,488,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/11/04 18:16:40 | 000,028,152 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Dell Support Center\HWDiag\bin\pcd5srvc_x64.pkms -- (PCD5SRVC{048DBD20-445E8C82-05040104})


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {03f38c00-dda9-46bf-9475-c6997746c740} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.c...sa&d=2012-05-17 19:08:17&v=11.1.0.7&sap=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}: "URL" = http://www.basicscan...s={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7SKPB_en
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-05-17 19:08:17&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://isearch.avg.c...9:08:17&sap=hp"
FF - prefs.js..keyword.URL: "http://isearch.avg.c...8:17&sap=ku&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@GamingWonderland.com/Plugin: C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Donna\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\ [2011/06/15 23:03:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\GamingWonderland\bar\1.bin [2012/03/16 21:04:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\SDIV 2.0\Lib\xpi [2012/04/23 09:08:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\11.1.0.7\ [2012/05/17 19:09:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/05/04 21:33:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\WhiteSmokeTranslator\WCaptureMoz

[2012/01/16 20:25:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Donna\AppData\Roaming\mozilla\Extensions
[2012/05/06 16:15:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Donna\AppData\Roaming\mozilla\Firefox\Profiles\vdvzpmhl.default\extensions
[2012/05/06 16:15:07 | 000,000,000 | ---D | M] (ViralTube3 Community Toolbar) -- C:\Users\Donna\AppData\Roaming\mozilla\Firefox\Profiles\vdvzpmhl.default\extensions\{03f38c00-dda9-46bf-9475-c6997746c740}
[2012/03/16 21:04:28 | 000,000,000 | ---D | M] (GamingWonderland) -- C:\Users\Donna\AppData\Roaming\mozilla\Firefox\Profiles\vdvzpmhl.default\extensions\[email protected]
[2012/04/15 01:41:03 | 000,000,000 | ---D | M] (LavaFox V2) -- C:\Users\Donna\AppData\Roaming\mozilla\Firefox\Profiles\vdvzpmhl.default\extensions\[email protected]
[2012/02/20 22:58:26 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Donna\AppData\Roaming\mozilla\Firefox\Profiles\vdvzpmhl.default\extensions\[email protected]
[2012/01/03 17:27:44 | 000,002,333 | ---- | M] () -- C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\vdvzpmhl.default\searchplugins\askcom.xml
[2012/05/19 15:37:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}
[2012/04/23 09:08:12 | 000,000,000 | ---D | M] ("fbdownloader") -- C:\PROGRAM FILES (X86)\SDIV 2.0\LIB\XPI
[2012/05/17 19:09:36 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\11.1.0.7
[2012/04/07 00:25:35 | 000,027,371 | ---- | M] () (No name found) -- C:\USERS\DONNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VDVZPMHL.DEFAULT\EXTENSIONS\{5A95A9E0-59DD-4314-BD84-4D18CA83A0E2}.XPI
[2012/04/01 16:21:37 | 000,004,733 | ---- | M] () (No name found) -- C:\USERS\DONNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VDVZPMHL.DEFAULT\EXTENSIONS\[email protected]
[2012/05/04 21:33:09 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/05/17 19:07:59 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/04/08 10:53:28 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/04/08 10:53:28 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://isearch.avg.c...sa&d=2012-05-17 19:08:17&v=11.1.0.7&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://clients5.goog...outputEncoding}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: registryAccess (Enabled) = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaaooaijelonlmbcbjkocdnicdfmo\7.15.1.22682_0\background/registryAccess.dll
CHR - plugin: Wajam (Enabled) = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.23_0\plugins/PriamNPAPI.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Donna\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Frostwire Toolbar = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaaooaijelonlmbcbjkocdnicdfmo\7.15.1.22682_0\
CHR - Extension: FBDownloader = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pollkeobaahnbmpcgombjfibedabcddd\1.0.4_0\

O1 HOSTS File: ([2012/05/19 15:43:01 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100907205750.dll (McAfee, Inc.)
O2:64bit: - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision )
O2 - BHO: (no name) - {03f38c00-dda9-46bf-9475-c6997746c740} - No CLSID value found.
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (FBDownloader BHO) - {553318DA-D010-469E-84B1-496563CAE1BF} - C:\Program Files (x86)\HTTO Group, Ltd\FBDownloader IE Add-on\FBDownloader.dll (HTTO Group, Ltd)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Toolbar BHO) - {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll (MindSpark)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20100907205751.dll (McAfee, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Search Assistant BHO) - {ab5d199e-9659-47a2-930b-fc3b69061353} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrcAs.dll (MindSpark)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
O2 - BHO: (PricePeep) - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {03f38c00-dda9-46bf-9475-c6997746c740} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (GamingWonderland) - {a899079d-206f-43a6-be6a-07e0fa648ea0} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {03F38C00-DDA9-46BF-9475-C6997746C740} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe File not found
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [FAStartup] File not found
O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision )
O4 - HKLM..\Run: [GamingWonderland Browser Plugin Loader] C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbrmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [GamingWonderland Search Scope Monitor] C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrchMn.exe (MindSpark)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] c:\Program Files (x86)\Dell\Dell TouchCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [BitTorrent] C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [SightSpeed] C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe (Dell Inc. and SightSpeed Inc.)
O4 - Startup: C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfar...etup1.0.1.1.cab (Reg Error: Key error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://aolsvc.aol.co...ploader_v10.cab (PopCapLoader Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FEF64894-8527-424E-B0EF-D752FC8D719B}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi for Dell\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll) - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll ()
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{7b7033b5-5c38-11e1-a030-0024e8103d4c}\Shell - "" = AutoRun
O33 - MountPoints2\{7b7033b5-5c38-11e1-a030-0024e8103d4c}\Shell\AutoRun\command - "" = F:\setup.exe -a
O33 - MountPoints2\{b2660798-847b-11e1-b131-0024e8103d4c}\Shell - "" = AutoRun
O33 - MountPoints2\{b2660798-847b-11e1-b131-0024e8103d4c}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Setup.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\Install.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/19 15:52:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/05/19 15:37:44 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/05/18 21:11:42 | 000,000,000 | ---D | C] -- C:\Crash
[2012/05/18 16:13:26 | 000,000,000 | ---D | C] -- C:\Users\Donna\Documents\My Games
[2012/05/18 14:53:00 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012/05/18 10:59:31 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\SCE
[2012/05/18 10:48:04 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\GamersFirst LIVE!
[2012/05/18 10:45:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamersFirst
[2012/05/18 10:45:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GamersFirst
[2012/05/17 20:17:32 | 000,000,000 | ---D | C] -- C:\Users\Donna\Documents\GTA San Andreas User Files
[2012/05/17 20:01:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2012/05/17 20:01:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2012/05/17 19:45:46 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicDisc
[2012/05/17 19:45:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc
[2012/05/17 19:45:32 | 000,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysWow64\drivers\mcdbus.sys
[2012/05/17 19:45:32 | 000,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysNative\drivers\mcdbus.sys
[2012/05/17 19:45:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicDisc
[2012/05/17 19:10:24 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\PowerISO
[2012/05/17 19:10:03 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\AVG Secure Search
[2012/05/17 19:08:18 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/05/17 19:08:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2012/05/17 19:08:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2012/05/17 19:06:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/05/17 18:57:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicISO
[2012/05/17 18:54:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/05/17 18:54:33 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/05/17 17:54:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
[2012/05/17 17:54:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoHotkey
[2012/05/17 16:49:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent
[2012/05/04 21:33:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/05/04 21:33:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/04/28 19:55:19 | 000,000,000 | ---D | C] -- C:\ProgramData\UpdaterService
[2012/04/23 09:13:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/04/23 09:08:50 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\CRE
[2012/04/23 09:08:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTTO Group, Ltd
[2012/04/23 09:08:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/04/23 09:08:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SDIV 2.0
[2012/04/23 09:08:09 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\fbDownloader
[2012/04/23 09:08:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\fbDownloader
[2012/04/23 09:08:02 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\Conduit
[2012/04/23 09:08:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ViralTube3
[2012/04/21 11:30:41 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 5

========== Files - Modified Within 30 Days ==========

[2012/05/19 15:57:15 | 000,703,516 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/19 15:57:15 | 000,604,502 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/19 15:57:15 | 000,104,202 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/19 15:49:52 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012/05/19 15:49:43 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/19 15:49:31 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/19 15:49:30 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/19 15:49:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/19 15:48:59 | 2951,991,296 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/19 15:45:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/18 21:09:38 | 000,000,680 | ---- | M] () -- C:\Users\Donna\AppData\Local\d3d9caps.dat
[2012/05/18 21:06:37 | 000,000,209 | ---- | M] () -- C:\Users\Donna\Desktop\help save the computer.url
[2012/05/18 13:51:32 | 000,074,202 | ---- | M] () -- C:\Users\Donna\AppData\Roaming\icarus-dxdiag.xml
[2012/05/18 13:07:27 | 1014,886,383 | ---- | M] () -- C:\Users\Donna\Fallen_Earth_20120301.bin1
[2012/05/18 13:01:19 | 033,416,344 | ---- | M] () -- C:\Users\Donna\Fallen_Earth_20120301.exe
[2012/05/18 10:45:42 | 000,000,997 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2012/05/18 03:18:32 | 000,000,129 | ---- | M] () -- C:\Windows\SysNative\MRT.INI
[2012/05/17 20:03:01 | 000,000,505 | ---- | M] () -- C:\Users\Donna\Documents\AutoHotkey.ahk
[2012/05/17 19:52:48 | 000,000,830 | ---- | M] () -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
[2012/05/17 19:36:49 | 000,000,104 | ---- | M] () -- C:\Users\Donna\Desktop\Recycle Bin - Shortcut.lnk
[2012/05/17 17:56:57 | 000,001,919 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/05/08 23:00:30 | 000,000,033 | ---- | M] () -- C:\Users\Donna\.mjsync_en_US
[2012/05/04 12:29:37 | 537,160,672 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/04/22 16:19:12 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/04/21 16:04:49 | 000,020,480 | ---- | M] () -- C:\Users\Donna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/21 11:30:41 | 000,001,082 | ---- | M] () -- C:\Users\Donna\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.3.5.lnk

========== Files Created - No Company Name ==========

[2012/05/18 21:06:23 | 000,000,209 | ---- | C] () -- C:\Users\Donna\Desktop\help save the computer.url
[2012/05/18 13:51:32 | 000,074,202 | ---- | C] () -- C:\Users\Donna\AppData\Roaming\icarus-dxdiag.xml
[2012/05/18 10:58:58 | 000,002,046 | ---- | C] () -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online Live.lnk
[2012/05/18 10:48:37 | 1014,886,383 | ---- | C] () -- C:\Users\Donna\Fallen_Earth_20120301.bin1
[2012/05/18 10:48:37 | 033,416,344 | ---- | C] () -- C:\Users\Donna\Fallen_Earth_20120301.exe
[2012/05/18 10:45:42 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2012/05/17 19:45:46 | 000,000,830 | ---- | C] () -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
[2012/05/17 19:36:49 | 000,000,104 | ---- | C] () -- C:\Users\Donna\Desktop\Recycle Bin - Shortcut.lnk
[2012/05/17 17:59:36 | 000,000,505 | ---- | C] () -- C:\Users\Donna\Documents\AutoHotkey.ahk
[2012/05/17 17:56:57 | 000,001,919 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/04/25 13:59:02 | 000,206,001 | ---- | C] () -- C:\Users\Donna\Documents\dayout2 034.jpg
[2012/04/22 16:19:12 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/04/21 11:30:41 | 000,001,082 | ---- | C] () -- C:\Users\Donna\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.3.5.lnk
[2012/02/20 22:56:21 | 000,000,000 | ---- | C] () -- C:\ProgramData\6898ce999b73350f6e3e0f4ea43b73b5_c
[2012/02/20 22:55:13 | 000,075,024 | ---- | C] () -- C:\Windows\SysWow64\aad73f73.exe
[2012/01/19 01:50:56 | 000,281,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/01/19 01:50:51 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/01/17 14:11:53 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2012/01/16 20:03:14 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2011/10/15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/05/31 01:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011/05/31 01:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2011/04/23 22:18:10 | 000,100,208 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll
[2011/04/23 22:17:32 | 000,062,136 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll
[2011/04/23 22:16:44 | 000,250,552 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll

========== LOP Check ==========

[2012/02/20 22:59:32 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Azureus
[2012/05/19 15:53:43 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\BitTorrent
[2012/01/16 12:45:52 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\BoneTown
[2012/01/17 01:58:49 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\DAEMON Tools Pro
[2012/02/05 20:35:35 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Firestorm
[2012/03/17 12:24:56 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Ludia
[2012/05/17 19:10:24 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\PowerISO
[2012/02/04 04:07:04 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\SecondLife
[2012/01/16 21:09:36 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Unity
[2009/08/18 09:14:10 | 000,000,238 | ---- | M] () -- C:\Windows\Tasks\PersonalAV.job
[2012/05/19 15:47:28 | 000,032,570 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:3A0561F3
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:89C6F032

< End of report >


I'll start on downloading and following the rest of the steps.

#8
cazzaren

    Member

  • Topic Starter
  • Member
  • 17 posts
I ran ComboFix and it was running smoothly, and in the middle of the process the computer went into a blue screen saying Windows was shutting down because of a threat or something and started dumping some files, then rebooted. I won't go further until we figure out what just happened lol

#9
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK I will remove a few more bits, get the AVG removal tool run. Then run aswMBR and we will revisit combofix when that is done :)

First OTL

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

If you have Malwarebytes 1.6 or better installed please disable it for the duration of this run
To disable MBAM
Open the scanner and select the protection tab
Remove the tick from "Start with Windows"
Reboot and then run OTL

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKLM\..\URLSearchHook: {03f38c00-dda9-46bf-9475-c6997746c740} - No CLSID value found
    [2012/05/06 16:15:07 | 000,000,000 | ---D | M] (ViralTube3 Community Toolbar) -- C:\Users\Donna\AppData\Roaming\mozilla\Firefox\Profiles\vdvzpmhl.default\extensions\{03f38c00-dda9-46bf-9475-c6997746c740}
    File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}
    [2012/04/07 00:25:35 | 000,027,371 | ---- | M] () (No name found) -- C:\USERS\DONNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VDVZPMHL.DEFAULT\EXTENSIONS\{5A95A9E0-59DD-4314-BD84-4D18CA83A0E2}.XPI
    [2012/04/01 16:21:37 | 000,004,733 | ---- | M] () (No name found) -- C:\USERS\DONNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VDVZPMHL.DEFAULT\EXTENSIONS\[email protected]
    O2 - BHO: (no name) - {03f38c00-dda9-46bf-9475-c6997746c740} - No CLSID value found.
    O2 - BHO: (PricePeep) - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll File not found
    O3 - HKLM\..\Toolbar: (no name) - {03f38c00-dda9-46bf-9475-c6997746c740} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {03F38C00-DDA9-46BF-9475-C6997746C740} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.

    :Files
    ipconfig /flushdns /c

    :Commands
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Next remove AVG

Download the AVG removal tool to your desktop
From Control Panel > Programs and Features Uninstall AVG
After the reboot run the AVG removal tool
Reboot

Then aswMBR run

Download aswMBR.exe ( 4.8mb ) to your desktop.
Double click the aswMBR.exe to run it. Click the "Scan" button to start the scan

On completion of the scan click save log, save it to your desktop and post in your next reply


#10
cazzaren

    Member

  • Topic Starter
  • Member
  • 17 posts
successful

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{03f38c00-dda9-46bf-9475-c6997746c740} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03f38c00-dda9-46bf-9475-c6997746c740}\ not found.
C:\Users\Donna\AppData\Roaming\mozilla\Firefox\Profiles\vdvzpmhl.default\extensions\{03f38c00-dda9-46bf-9475-c6997746c740}\searchplugin folder moved successfully.
C:\Users\Donna\AppData\Roaming\mozilla\Firefox\Profiles\vdvzpmhl.default\extensions\{03f38c00-dda9-46bf-9475-c6997746c740}\modules folder moved successfully.
C:\Users\Donna\AppData\Roaming\mozilla\Firefox\Profiles\vdvzpmhl.default\extensions\{03f38c00-dda9-46bf-9475-c6997746c740}\META-INF folder moved successfully.
C:\Users\Donna\AppData\Roaming\mozilla\Firefox\Profiles\vdvzpmhl.default\extensions\{03f38c00-dda9-46bf-9475-c6997746c740}\defaults folder moved successfully.
C:\Users\Donna\AppData\Roaming\mozilla\Firefox\Profiles\vdvzpmhl.default\extensions\{03f38c00-dda9-46bf-9475-c6997746c740}\components folder moved successfully.
C:\Users\Donna\AppData\Roaming\mozilla\Firefox\Profiles\vdvzpmhl.default\extensions\{03f38c00-dda9-46bf-9475-c6997746c740}\chrome folder moved successfully.
C:\Users\Donna\AppData\Roaming\mozilla\Firefox\Profiles\vdvzpmhl.default\extensions\{03f38c00-dda9-46bf-9475-c6997746c740} folder moved successfully.
C:\USERS\DONNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VDVZPMHL.DEFAULT\EXTENSIONS\{5A95A9E0-59DD-4314-BD84-4D18CA83A0E2}.XPI moved successfully.
C:\USERS\DONNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VDVZPMHL.DEFAULT\EXTENSIONS\[email protected] moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03f38c00-dda9-46bf-9475-c6997746c740}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03f38c00-dda9-46bf-9475-c6997746c740}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{03f38c00-dda9-46bf-9475-c6997746c740} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03f38c00-dda9-46bf-9475-c6997746c740}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{03F38C00-DDA9-46BF-9475-C6997746C740} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03F38C00-DDA9-46BF-9475-C6997746C740}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Donna\Downloads\cmd.bat deleted successfully.
C:\Users\Donna\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Donna
->Temp folder emptied: 102497 bytes
->Temporary Internet Files folder emptied: 1246746 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 34700396 bytes
->Google Chrome cache emptied: 856432 bytes
->Flash cache emptied: 470 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 26798 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 35.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.43.0 log created on 05192012_174320

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


After I rebooted, I noticed my computer is a lot faster, but a problem popped up that I have seen a bit ago that usually stops a lot of my programs: it said winrscmde stopped working and was closed. It was happening a lot yesterday, and when it starts I click close and it keeps coming back saying it was closed, and I didn't know exactly what it was, but it just popped up again. I ran the quick scan and got,

OTL logfile created on: 5/19/2012 5:54:11 PM - Run 3
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Donna\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 1.41 Gb Available Physical Memory | 51.13% Memory free
5.72 Gb Paging File | 3.83 Gb Available in Paging File | 67.07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 160.73 Gb Free Space | 56.72% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 13.60 Gb Free Space | 92.83% Space Free | Partition Type: NTFS

Computer Name: ELEBYFAMILY-PC | User Name: Donna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/18 19:30:55 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Donna\Downloads\OTL.com
PRC - [2012/05/17 19:08:10 | 000,935,480 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
PRC - [2012/05/17 19:08:06 | 001,104,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012/05/04 21:33:08 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/04/28 19:55:11 | 000,549,744 | ---- | M] () -- C:\ProgramData\UpdaterService\wsupdsvc.exe
PRC - [2012/03/16 21:04:18 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbarsvc.exe
PRC - [2012/03/16 21:04:18 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbrmon.exe
PRC - [2012/01/19 01:50:51 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/01/03 17:31:34 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
PRC - [2011/10/15 03:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/04/23 22:17:26 | 001,994,936 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
PRC - [2011/04/23 22:17:26 | 000,098,488 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
PRC - [2011/04/23 22:17:08 | 002,412,728 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/09/13 08:56:02 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/02/11 11:00:12 | 003,280,896 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/11/13 17:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/11/04 16:31:02 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
PRC - [2009/01/29 12:13:20 | 000,252,248 | ---- | M] () -- C:\Program Files (x86)\NextWindow\NextWindowGSA.exe
PRC - [2009/01/08 15:00:44 | 000,516,096 | ---- | M] (Dell Corporation) -- C:\Program Files (x86)\DELL\OSD\AIO_OSD.exe
PRC - [2008/12/22 15:59:12 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\DELL\OSD\OSDSvr.exe
PRC - [2008/12/16 21:14:42 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/12/16 21:14:42 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/05/23 14:06:08 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/18 03:54:52 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
MOD - [2012/05/18 03:51:45 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\24556241d64589a6b95b7eaa7432295b\System.Web.Services.ni.dll
MOD - [2012/05/18 03:51:09 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012/05/18 03:44:13 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/05/18 03:43:40 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4d54640bacd18e047a4573cb4611bd3\System.Windows.Forms.ni.dll
MOD - [2012/05/18 03:43:26 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5d8696f15e49aedf883dd945806a7049\System.Drawing.ni.dll
MOD - [2012/05/18 03:41:56 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/05/18 03:41:32 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012/05/17 19:08:15 | 000,132,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll
MOD - [2012/05/17 19:08:06 | 001,104,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012/05/04 21:33:08 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/01/16 21:08:53 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/04/23 22:18:10 | 000,100,208 | ---- | M] () -- C:\Windows\SysWOW64\FAIEExtension.dll
MOD - [2011/04/23 22:17:32 | 000,062,136 | ---- | M] () -- C:\Windows\SysWOW64\FAib.dll
MOD - [2011/04/23 22:16:44 | 000,250,552 | ---- | M] () -- C:\Windows\SysWOW64\FACrashRpt.dll
MOD - [2010/02/11 11:00:12 | 003,280,896 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
MOD - [2010/01/21 02:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 21:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/11/13 17:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2009/11/13 17:15:00 | 000,275,696 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
MOD - [2009/11/13 17:15:00 | 000,152,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2009/11/13 17:15:00 | 000,095,472 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
MOD - [2009/11/13 17:15:00 | 000,017,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll
MOD - [2009/09/03 12:15:48 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvcLib.dll
MOD - [2009/01/29 12:13:20 | 000,252,248 | ---- | M] () -- C:\Program Files (x86)\NextWindow\NextWindowGSA.exe
MOD - [2008/11/03 09:54:00 | 000,058,608 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/05/31 20:32:58 | 000,244,840 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2010/05/31 20:32:58 | 000,199,032 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2010/05/31 20:32:58 | 000,148,520 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2010/04/15 09:45:10 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2009/01/07 05:15:56 | 000,088,576 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/05/17 19:08:10 | 000,935,480 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0)
SRV - [2012/05/04 21:33:09 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/28 19:55:11 | 000,549,744 | ---- | M] () [Auto | Running] -- C:\ProgramData\UpdaterService\wsupdsvc.exe -- (UpdaterService)
SRV - [2012/03/16 21:04:18 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbarsvc.exe -- (GamingWonderlandService)
SRV - [2012/01/19 01:50:51 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/15 03:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/04/23 22:17:08 | 002,412,728 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService)
SRV - [2010/06/12 09:52:30 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/11/04 16:31:02 | 000,278,528 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe -- (WSWNDA3100)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/12/22 15:59:12 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\DELL\OSD\OSDSvr.exe -- (FOXOSDService)
SRV - [2008/12/16 21:14:42 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/02/29 08:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2010/05/31 20:32:58 | 000,528,616 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2010/05/31 20:32:58 | 000,440,688 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2010/05/31 20:32:58 | 000,279,752 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2010/05/31 20:32:58 | 000,189,880 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2010/05/31 20:32:58 | 000,121,504 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2010/05/31 20:32:58 | 000,093,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2010/05/31 20:32:58 | 000,075,288 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2010/05/31 20:32:58 | 000,062,416 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2009/11/24 19:33:50 | 000,028,264 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\NVAMACPI.sys -- (nvamacpi)
DRV:64bit: - [2009/10/20 11:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\npf.sys -- (NPF)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/05/05 13:09:46 | 000,789,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bcmwlhigh664.sys -- (BCMH43XX)
DRV:64bit: - [2009/04/11 00:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/04/08 15:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2009/01/07 05:25:52 | 000,252,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2008/11/28 09:31:02 | 000,015,448 | ---- | M] (Foxconn Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\FxOSDdrv64.sys -- (FXOSDDRV)
DRV:64bit: - [2008/10/01 17:44:06 | 000,026,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\jswpslwfx.sys -- (JSWPSLWF)
DRV:64bit: - [2008/09/24 19:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\facap.sys -- (FACAP)
DRV:64bit: - [2008/01/20 21:46:55 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel®
DRV:64bit: - [2007/11/14 03:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2007/01/19 19:24:24 | 000,025,312 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\scmndisp.sys -- (SCMNdisP)
DRV:64bit: - [2006/11/28 22:46:20 | 000,043,328 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\PCAMp50a64.sys -- (PCAMp50a64)
DRV:64bit: - [2006/11/28 22:46:20 | 000,041,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\PCASp50a64.sys -- (PCASp50a64)
DRV:64bit: - [2006/11/02 02:48:50 | 002,488,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/11/04 18:16:40 | 000,028,152 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Dell Support Center\HWDiag\bin\pcd5srvc_x64.pkms -- (PCD5SRVC{048DBD20-445E8C82-05040104})


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.c...sa&d=2012-05-17 19:08:17&v=11.1.0.7&sap=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}: "URL" = http://www.basicscan...s={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7SKPB_en
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-05-17 19:08:17&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://isearch.avg.c...9:08:17&sap=hp"
FF - prefs.js..keyword.URL: "http://isearch.avg.c...8:17&sap=ku&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@GamingWonderland.com/Plugin: C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Donna\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\ [2011/06/15 23:03:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\GamingWonderland\bar\1.bin [2012/03/16 21:04:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\SDIV 2.0\Lib\xpi [2012/04/23 09:08:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\a[email protected]: C:\ProgramData\AVG Secure Search\11.1.0.7\ [2012/05/17 19:09:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/05/04 21:33:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\WhiteSmokeTranslator\WCaptureMoz

[2012/01/16 20:25:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Donna\AppData\Roaming\mozilla\Extensions
[2012/05/19 17:43:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Donna\AppData\Roaming\mozilla\Firefox\Profiles\vdvzpmhl.default\extensions
[2012/03/16 21:04:28 | 000,000,000 | ---D | M] (GamingWonderland) -- C:\Users\Donna\AppData\Roaming\mozilla\Firefox\Profiles\vdvzpmhl.default\extensions\[email protected]
[2012/04/15 01:41:03 | 000,000,000 | ---D | M] (LavaFox V2) -- C:\Users\Donna\AppData\Roaming\mozilla\Firefox\Profiles\vdvzpmhl.default\extensions\[email protected]
[2012/02/20 22:58:26 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Donna\AppData\Roaming\mozilla\Firefox\Profiles\vdvzpmhl.default\extensions\[email protected]
[2012/01/03 17:27:44 | 000,002,333 | ---- | M] () -- C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\vdvzpmhl.default\searchplugins\askcom.xml
[2012/05/19 15:37:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/04/23 09:08:12 | 000,000,000 | ---D | M] ("fbdownloader") -- C:\PROGRAM FILES (X86)\SDIV 2.0\LIB\XPI
[2012/05/17 19:09:36 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\11.1.0.7
[2012/05/04 21:33:09 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/05/17 19:07:59 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/04/08 10:53:28 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/04/08 10:53:28 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://isearch.avg.c...sa&d=2012-05-17 19:08:17&v=11.1.0.7&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://clients5.goog...outputEncoding}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: registryAccess (Enabled) = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaaooaijelonlmbcbjkocdnicdfmo\7.15.1.22682_0\background/registryAccess.dll
CHR - plugin: Wajam (Enabled) = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.23_0\plugins/PriamNPAPI.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Donna\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Frostwire Toolbar = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaaooaijelonlmbcbjkocdnicdfmo\7.15.1.22682_0\
CHR - Extension: FBDownloader = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pollkeobaahnbmpcgombjfibedabcddd\1.0.4_0\

O1 HOSTS File: ([2012/05/19 15:43:01 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100907205750.dll (McAfee, Inc.)
O2:64bit: - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision )
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (FBDownloader BHO) - {553318DA-D010-469E-84B1-496563CAE1BF} - C:\Program Files (x86)\HTTO Group, Ltd\FBDownloader IE Add-on\FBDownloader.dll (HTTO Group, Ltd)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Toolbar BHO) - {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll (MindSpark)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20100907205751.dll (McAfee, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Search Assistant BHO) - {ab5d199e-9659-47a2-930b-fc3b69061353} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrcAs.dll (MindSpark)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (GamingWonderland) - {a899079d-206f-43a6-be6a-07e0fa648ea0} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe File not found
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [FAStartup] File not found
O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision )
O4 - HKLM..\Run: [GamingWonderland Browser Plugin Loader] C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbrmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [GamingWonderland Search Scope Monitor] C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrchMn.exe (MindSpark)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] c:\Program Files (x86)\Dell\Dell TouchCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [BitTorrent] C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [SightSpeed] C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe (Dell Inc. and SightSpeed Inc.)
O4 - Startup: C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfar...etup1.0.1.1.cab (Reg Error: Key error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://aolsvc.aol.co...ploader_v10.cab (PopCapLoader Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FEF64894-8527-424E-B0EF-D752FC8D719B}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi for Dell\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll) - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll ()
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{7b7033b5-5c38-11e1-a030-0024e8103d4c}\Shell - "" = AutoRun
O33 - MountPoints2\{7b7033b5-5c38-11e1-a030-0024e8103d4c}\Shell\AutoRun\command - "" = F:\setup.exe -a
O33 - MountPoints2\{b2660798-847b-11e1-b131-0024e8103d4c}\Shell - "" = AutoRun
O33 - MountPoints2\{b2660798-847b-11e1-b131-0024e8103d4c}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Setup.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\Install.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/19 17:51:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/05/19 16:23:51 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2012/05/19 16:22:14 | 004,498,818 | R--- | C] (Swearware) -- C:\Users\Donna\Desktop\ComboFix.exe
[2012/05/19 15:37:44 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/05/18 21:11:42 | 000,000,000 | ---D | C] -- C:\Crash
[2012/05/18 16:13:26 | 000,000,000 | ---D | C] -- C:\Users\Donna\Documents\My Games
[2012/05/18 14:53:00 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012/05/18 10:59:31 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\SCE
[2012/05/18 10:48:04 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\GamersFirst LIVE!
[2012/05/18 10:45:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamersFirst
[2012/05/18 10:45:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GamersFirst
[2012/05/17 20:17:32 | 000,000,000 | ---D | C] -- C:\Users\Donna\Documents\GTA San Andreas User Files
[2012/05/17 20:01:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2012/05/17 20:01:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2012/05/17 19:45:46 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicDisc
[2012/05/17 19:45:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc
[2012/05/17 19:45:32 | 000,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysWow64\drivers\mcdbus.sys
[2012/05/17 19:45:32 | 000,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysNative\drivers\mcdbus.sys
[2012/05/17 19:45:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicDisc
[2012/05/17 19:10:24 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\PowerISO
[2012/05/17 19:10:03 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\AVG Secure Search
[2012/05/17 19:08:18 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/05/17 19:08:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2012/05/17 19:08:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2012/05/17 19:06:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/05/17 18:57:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicISO
[2012/05/17 18:54:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/05/17 18:54:33 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/05/17 17:54:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
[2012/05/17 17:54:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoHotkey
[2012/05/17 16:49:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent
[2012/05/04 21:33:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/05/04 21:33:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/04/28 19:55:19 | 000,000,000 | ---D | C] -- C:\ProgramData\UpdaterService
[2012/04/23 09:13:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/04/23 09:08:50 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\CRE
[2012/04/23 09:08:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTTO Group, Ltd
[2012/04/23 09:08:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/04/23 09:08:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SDIV 2.0
[2012/04/23 09:08:09 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\fbDownloader
[2012/04/23 09:08:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\fbDownloader
[2012/04/23 09:08:02 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\Conduit
[2012/04/23 09:08:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ViralTube3
[2012/04/21 11:30:41 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 5

========== Files - Modified Within 30 Days ==========

[2012/05/19 17:48:10 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012/05/19 17:47:59 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/19 17:47:58 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/19 17:47:57 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/19 17:47:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/19 17:47:43 | 2951,991,296 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/19 17:45:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/19 16:32:02 | 000,703,516 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/19 16:32:02 | 000,604,502 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/19 16:32:02 | 000,104,202 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/19 16:26:03 | 000,000,680 | ---- | M] () -- C:\Users\Donna\AppData\Local\d3d9caps.dat
[2012/05/19 16:25:39 | 584,418,400 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/05/19 16:22:35 | 004,498,818 | R--- | M] (Swearware) -- C:\Users\Donna\Desktop\ComboFix.exe
[2012/05/18 21:06:37 | 000,000,209 | ---- | M] () -- C:\Users\Donna\Desktop\help save the computer.url
[2012/05/18 13:51:32 | 000,074,202 | ---- | M] () -- C:\Users\Donna\AppData\Roaming\icarus-dxdiag.xml
[2012/05/18 13:07:27 | 1014,886,383 | ---- | M] () -- C:\Users\Donna\Fallen_Earth_20120301.bin1
[2012/05/18 13:01:19 | 033,416,344 | ---- | M] () -- C:\Users\Donna\Fallen_Earth_20120301.exe
[2012/05/18 10:45:42 | 000,000,997 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2012/05/18 03:18:32 | 000,000,129 | ---- | M] () -- C:\Windows\SysNative\MRT.INI
[2012/05/17 20:03:01 | 000,000,505 | ---- | M] () -- C:\Users\Donna\Documents\AutoHotkey.ahk
[2012/05/17 19:52:48 | 000,000,830 | ---- | M] () -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
[2012/05/17 19:36:49 | 000,000,104 | ---- | M] () -- C:\Users\Donna\Desktop\Recycle Bin - Shortcut.lnk
[2012/05/17 17:56:57 | 000,001,919 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/05/08 23:00:30 | 000,000,033 | ---- | M] () -- C:\Users\Donna\.mjsync_en_US
[2012/04/22 16:19:12 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/04/21 16:04:49 | 000,020,480 | ---- | M] () -- C:\Users\Donna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/21 11:30:41 | 000,001,082 | ---- | M] () -- C:\Users\Donna\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.3.5.lnk

========== Files Created - No Company Name ==========

[2012/05/18 21:06:23 | 000,000,209 | ---- | C] () -- C:\Users\Donna\Desktop\help save the computer.url
[2012/05/18 13:51:32 | 000,074,202 | ---- | C] () -- C:\Users\Donna\AppData\Roaming\icarus-dxdiag.xml
[2012/05/18 10:58:58 | 000,002,046 | ---- | C] () -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online Live.lnk
[2012/05/18 10:48:37 | 1014,886,383 | ---- | C] () -- C:\Users\Donna\Fallen_Earth_20120301.bin1
[2012/05/18 10:48:37 | 033,416,344 | ---- | C] () -- C:\Users\Donna\Fallen_Earth_20120301.exe
[2012/05/18 10:45:42 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2012/05/17 19:45:46 | 000,000,830 | ---- | C] () -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
[2012/05/17 19:36:49 | 000,000,104 | ---- | C] () -- C:\Users\Donna\Desktop\Recycle Bin - Shortcut.lnk
[2012/05/17 17:59:36 | 000,000,505 | ---- | C] () -- C:\Users\Donna\Documents\AutoHotkey.ahk
[2012/05/17 17:56:57 | 000,001,919 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/04/25 13:59:02 | 000,206,001 | ---- | C] () -- C:\Users\Donna\Documents\dayout2 034.jpg
[2012/04/22 16:19:12 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/04/21 11:30:41 | 000,001,082 | ---- | C] () -- C:\Users\Donna\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.3.5.lnk
[2012/02/20 22:56:21 | 000,000,000 | ---- | C] () -- C:\ProgramData\6898ce999b73350f6e3e0f4ea43b73b5_c
[2012/02/20 22:55:13 | 000,075,024 | ---- | C] () -- C:\Windows\SysWow64\aad73f73.exe
[2012/01/19 01:50:56 | 000,281,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/01/19 01:50:51 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/01/17 14:11:53 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2012/01/16 20:03:14 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2011/10/15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/05/31 01:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011/05/31 01:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2011/04/23 22:18:10 | 000,100,208 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll
[2011/04/23 22:17:32 | 000,062,136 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll
[2011/04/23 22:16:44 | 000,250,552 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll

========== LOP Check ==========

[2012/02/20 22:59:32 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Azureus
[2012/05/19 17:52:54 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\BitTorrent
[2012/01/16 12:45:52 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\BoneTown
[2012/01/17 01:58:49 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\DAEMON Tools Pro
[2012/02/05 20:35:35 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Firestorm
[2012/03/17 12:24:56 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Ludia
[2012/05/17 19:10:24 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\PowerISO
[2012/02/04 04:07:04 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\SecondLife
[2012/01/16 21:09:36 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Unity
[2009/08/18 09:14:10 | 000,000,238 | ---- | M] () -- C:\Windows\Tasks\PersonalAV.job
[2012/05/19 17:46:22 | 000,032,570 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:3A0561F3
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:89C6F032

< End of report >


I'm now uninstalling AVG and about to do the second program.

#11
cazzaren

    Member

  • Topic Starter
  • 17 posts
I did the uninstall of AVG and I saw it was only a toolbar, but I took the steps anyway just in case; I think it's gone.

I used aswMBR, and at the end of it being successful there was a line that showed red letters, and it was a directory if I'm correct. I'm attaching the aswMBR.txt log. I also got an MBR.dat file but cannot attach it, so I'm guessing that's for other uses or none at all on my side.

Edited by cazzaren, 19 May 2012 - 05:32 PM.

#12
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
That popup is due to me removing the bad file but not yet being able to locate the run key - so for now it is just an annoyance rather than anything else

First I will check out the MBR as that looks a bit iffy

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports.
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.
  • 0
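
One way to triage the report that the steps above ask for, as an added example that is not part of the original post or of TDSSKiller itself: this Python script pairs each scanned object with its verdict line and lists everything not marked ok, plus entries that were given a verdict without a file line. The sample lines are constructed in the report's line layout; the service names, hashes and paths in them are made up.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample in the layout of a TDSSKiller report line:
#   <time> <thread id> <message>
# Service names, hashes and paths below are made up for the example.
SAMPLE_REPORT = r"""
09:49:44.0805 5104 Scan started
09:49:46.0849 5104 ExampleDrv (00000000000000000000000000000001) C:\Windows\system32\drivers\exampledrv.sys
09:49:46.0864 5104 ExampleDrv - ok
09:49:53.0042 5104 NoFileSvc - ok
09:49:58.0908 5104 ExampleOSD (00000000000000000000000000000002) C:\Program Files (x86)\Example\osd.exe
09:49:58.0923 5104 ExampleOSD ( UnsignedFile.Multi.Generic ) - warning
09:49:58.0923 5104 ExampleOSD - detected UnsignedFile.Multi.Generic (1)
"""

# Timestamp and thread id that start every report line.
_PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
# "<name> (<md5>) <path>": the object that is about to be checked.
_OBJECT = re.compile(
    _PREFIX + r"(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$"
)
# "<name> - <status>" or "<name> ( <label> ) - <status>": the verdict.
_VERDICT = re.compile(
    _PREFIX + r"(?P<name>.+?)(?: \( (?P<label>.+?) \))? - (?P<status>\w+)$"
)


@dataclass
class Entry:
    name: str
    status: str            # verdict word as written in the report, e.g. "ok"
    label: Optional[str]   # detection label when the verdict line carries one
    md5: Optional[str]     # None when no object line preceded the verdict
    path: Optional[str]


def parse_report(text: str) -> List[Entry]:
    """Pair every verdict line with the object line reported for that name."""
    pending = {}  # name -> (md5, path), waiting for its verdict line
    entries = []
    for raw in text.splitlines():
        line = raw.rstrip()
        obj = _OBJECT.match(line)
        if obj:
            pending[obj["name"]] = (obj["md5"].lower(), obj["path"])
            continue
        verdict = _VERDICT.match(line)
        if verdict:
            md5, path = pending.pop(verdict["name"], (None, None))
            entries.append(
                Entry(verdict["name"], verdict["status"], verdict["label"], md5, path)
            )
    return entries


def triage(entries: List[Entry]) -> Tuple[List[Entry], List[Entry]]:
    """Return (entries whose verdict is not ok, entries with no file line)."""
    not_ok = [e for e in entries if e.status != "ok"]
    no_file = [e for e in entries if e.path is None]
    return not_ok, no_file


if __name__ == "__main__":
    flagged, unresolved = triage(parse_report(SAMPLE_REPORT))
    for e in flagged:
        print(f"{e.status.upper():8} {e.name}  {e.label or ''}  {e.path or '-'}")
    for e in unresolved:
        print(f"NO FILE  {e.name}  (verdict: {e.status})")
```

Run it against the saved report text instead of `SAMPLE_REPORT` to get a short list to review before choosing Cure, Skip or Delete for any object.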

#13
cazzaren

    Member

  • Topic Starter
  • 17 posts
Finished, no problems occurred while using the program: 4 threats found, 1 threat was high risk and neutralized, 14 quarantined objects.
The report log was:


09:49:33.0370 4804 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
09:49:33.0870 4804 ============================================================
09:49:33.0870 4804 Current date / time: 2012/05/20 09:49:33.0870
09:49:33.0870 4804 SystemInfo:
09:49:33.0870 4804
09:49:33.0870 4804 OS Version: 6.0.6002 ServicePack: 2.0
09:49:33.0870 4804 Product type: Workstation
09:49:33.0870 4804 ComputerName: ELEBYFAMILY-PC
09:49:33.0870 4804 UserName: Donna
09:49:33.0870 4804 Windows directory: C:\Windows
09:49:33.0870 4804 System windows directory: C:\Windows
09:49:33.0870 4804 Running under WOW64
09:49:33.0870 4804 Processor architecture: Intel x64
09:49:33.0870 4804 Number of processors: 2
09:49:33.0870 4804 Page size: 0x1000
09:49:33.0870 4804 Boot type: Normal boot
09:49:33.0870 4804 ============================================================
09:49:36.0412 4804 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:49:36.0412 4804 ============================================================
09:49:36.0412 4804 \Device\Harddisk0\DR0:
09:49:36.0412 4804 MBR partitions:
09:49:36.0412 4804 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
09:49:36.0412 4804 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x236CE2B0
09:49:36.0412 4804 ============================================================
09:49:36.0444 4804 C: <-> \Device\Harddisk0\DR0\Partition1
09:49:36.0475 4804 D: <-> \Device\Harddisk0\DR0\Partition0
09:49:36.0475 4804 ============================================================
09:49:36.0475 4804 Initialize success
09:49:36.0475 4804 ============================================================
09:49:44.0805 5104 ============================================================
09:49:44.0805 5104 Scan started
09:49:44.0805 5104 Mode: Manual; SigCheck; TDLFS;
09:49:44.0805 5104 ============================================================
09:49:46.0537 5104 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
09:49:46.0677 5104 ACDaemon - ok
09:49:46.0849 5104 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
09:49:46.0864 5104 ACPI - ok
09:49:46.0927 5104 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
09:49:46.0958 5104 adp94xx - ok
09:49:46.0989 5104 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
09:49:47.0020 5104 adpahci - ok
09:49:47.0036 5104 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
09:49:47.0052 5104 adpu160m - ok
09:49:47.0067 5104 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
09:49:47.0083 5104 adpu320 - ok
09:49:47.0145 5104 AeLookupSvc (0f421175574bfe0bf2f4d8e910a253bb) C:\Windows\System32\aelupsvc.dll
09:49:47.0332 5104 AeLookupSvc - ok
09:49:47.0426 5104 AERTFilters (7394641611ef3ab2d041f104f1e8c1b9) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
09:49:47.0535 5104 AERTFilters - ok
09:49:47.0660 5104 Afc (6ccd1135320109d6b219f1a6e04ad9f6) C:\Windows\syswow64\drivers\Afc.sys
09:49:47.0676 5104 Afc - ok
09:49:47.0769 5104 AFD (c4f6ce6087760ad70960c9eb130e7943) C:\Windows\system32\drivers\afd.sys
09:49:47.0941 5104 AFD - ok
09:49:48.0019 5104 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
09:49:48.0050 5104 agp440 - ok
09:49:48.0066 5104 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
09:49:48.0081 5104 aic78xx - ok
09:49:48.0112 5104 ALG (5922f4f59b7868f3d74bbbbeb7b825a3) C:\Windows\System32\alg.exe
09:49:48.0393 5104 ALG - ok
09:49:48.0456 5104 aliide (9544c2c55541c0c6bfd7b489d0e7d430) C:\Windows\system32\drivers\aliide.sys
09:49:48.0471 5104 aliide - ok
09:49:48.0487 5104 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
09:49:48.0502 5104 amdide - ok
09:49:48.0518 5104 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
09:49:48.0580 5104 AmdK8 - ok
09:49:48.0627 5104 Appinfo (9c37b3fd5615477cb9a0cd116cf43f5c) C:\Windows\System32\appinfo.dll
09:49:48.0721 5104 Appinfo - ok
09:49:48.0768 5104 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
09:49:48.0783 5104 arc - ok
09:49:48.0814 5104 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
09:49:48.0830 5104 arcsas - ok
09:49:48.0861 5104 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
09:49:48.0939 5104 AsyncMac - ok
09:49:48.0986 5104 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
09:49:49.0002 5104 atapi - ok
09:49:49.0033 5104 AudioEndpointBuilder (79318c744693ec983d20e9337a2f8196) C:\Windows\System32\Audiosrv.dll
09:49:49.0688 5104 AudioEndpointBuilder - ok
09:49:49.0688 5104 AudioSrv (79318c744693ec983d20e9337a2f8196) C:\Windows\System32\Audiosrv.dll
09:49:49.0782 5104 AudioSrv - ok
09:49:49.0860 5104 b57nd60a (e9517e50e773849aee7c2ac9befe5090) C:\Windows\system32\DRIVERS\b57nd60a.sys
09:49:49.0969 5104 b57nd60a - ok
09:49:50.0140 5104 BBSvc (01a24b415926bb5f772dbe12459d97de) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
09:49:50.0172 5104 BBSvc - ok
09:49:50.0234 5104 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
09:49:50.0265 5104 BBUpdate - ok
09:49:50.0374 5104 BCMH43XX (912e49ed3c14e00cb9613884a3b957d0) C:\Windows\system32\DRIVERS\bcmwlhigh664.sys
09:49:50.0406 5104 BCMH43XX - ok
09:49:50.0499 5104 BFE (ffb96c2589ffa60473ead78b39fbde29) C:\Windows\System32\bfe.dll
09:49:50.0577 5104 BFE - ok
09:49:50.0686 5104 BITS (6d316f4859634071cc25c4fd4589ad2c) C:\Windows\System32\qmgr.dll
09:49:50.0749 5104 BITS - ok
09:49:50.0842 5104 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
09:49:50.0889 5104 blbdrive - ok
09:49:50.0952 5104 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
09:49:51.0076 5104 bowser - ok
09:49:51.0123 5104 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
09:49:51.0186 5104 BrFiltLo - ok
09:49:51.0217 5104 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
09:49:51.0264 5104 BrFiltUp - ok
09:49:51.0373 5104 Browser (a1b39de453433b115b4ea69ee0343816) C:\Windows\System32\browser.dll
09:49:51.0420 5104 Browser - ok
09:49:51.0435 5104 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
09:49:51.0654 5104 Brserid - ok
09:49:51.0685 5104 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
09:49:51.0794 5104 BrSerWdm - ok
09:49:51.0794 5104 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
09:49:51.0872 5104 BrUsbMdm - ok
09:49:51.0872 5104 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
09:49:51.0934 5104 BrUsbSer - ok
09:49:51.0950 5104 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
09:49:52.0028 5104 BTHMODEM - ok
09:49:52.0075 5104 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
09:49:52.0153 5104 cdfs - ok
09:49:52.0215 5104 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
09:49:52.0246 5104 cdrom - ok
09:49:52.0340 5104 CertPropSvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
09:49:52.0402 5104 CertPropSvc - ok
09:49:52.0496 5104 cfwids (3b8a124d87ee9d229d1f07f518da9a4c) C:\Windows\system32\drivers\cfwids.sys
09:49:52.0512 5104 cfwids - ok
09:49:52.0558 5104 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys
09:49:52.0636 5104 circlass - ok
09:49:52.0699 5104 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
09:49:52.0714 5104 CLFS - ok
09:49:52.0792 5104 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:49:52.0808 5104 clr_optimization_v2.0.50727_32 - ok
09:49:52.0855 5104 clr_optimization_v2.0.50727_64 (ce07a466201096f021cd09d631b21540) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:49:52.0855 5104 clr_optimization_v2.0.50727_64 - ok
09:49:52.0933 5104 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:49:52.0948 5104 clr_optimization_v4.0.30319_32 - ok
09:49:52.0964 5104 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:49:52.0980 5104 clr_optimization_v4.0.30319_64 - ok
09:49:53.0011 5104 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
09:49:53.0026 5104 cmdide - ok
09:49:53.0026 5104 Compbatt (34a6aa82aa36c87fc8816f2097efa345) C:\Windows\system32\drivers\compbatt.sys
09:49:53.0042 5104 Compbatt - ok
09:49:53.0042 5104 COMSysApp - ok
09:49:53.0058 5104 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
09:49:53.0073 5104 crcdisk - ok
09:49:53.0104 5104 CryptSvc (18918613e63f387cde4d95ca7d49dcf7) C:\Windows\system32\cryptsvc.dll
09:49:53.0136 5104 CryptSvc - ok
09:49:53.0198 5104 DcomLaunch (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
09:49:53.0260 5104 DcomLaunch - ok
09:49:53.0416 5104 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
09:49:53.0510 5104 DfsC - ok
09:49:53.0697 5104 DFSR (c647f468f7de343df8c143655c5557d4) C:\Windows\system32\DFSR.exe
09:49:54.0072 5104 DFSR - ok
09:49:54.0212 5104 Dhcp (3ed0321127ce70acdaabbf77e157c2a7) C:\Windows\System32\dhcpcsvc.dll
09:49:54.0243 5104 Dhcp - ok
09:49:54.0306 5104 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
09:49:54.0321 5104 disk - ok
09:49:54.0384 5104 Dnscache (06230f1b721494a6df8d47fd395bb1b0) C:\Windows\System32\dnsrslvr.dll
09:49:54.0508 5104 Dnscache - ok
09:49:54.0555 5104 dot3svc (1a7156dd1e850e9914e5e991e3225b94) C:\Windows\System32\dot3svc.dll
09:49:54.0633 5104 dot3svc - ok
09:49:54.0727 5104 DPS (1583b39790db3eaec7edb0cb0140c708) C:\Windows\system32\dps.dll
09:49:54.0805 5104 DPS - ok
09:49:55.0054 5104 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
09:49:55.0132 5104 drmkaud - ok
09:49:55.0226 5104 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
09:49:55.0288 5104 DXGKrnl - ok
09:49:55.0398 5104 e1express (17d40652ef3e55eeae187a89df40965a) C:\Windows\system32\DRIVERS\e1e6032e.sys
09:49:55.0476 5104 e1express - ok
09:49:55.0507 5104 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
09:49:55.0569 5104 E1G60 - ok
09:49:55.0585 5104 EagleX64 - ok
09:49:55.0632 5104 EapHost (c2303883fd9be49dc36a6400643002ea) C:\Windows\System32\eapsvc.dll
09:49:55.0678 5104 EapHost - ok
09:49:55.0710 5104 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
09:49:55.0741 5104 Ecache - ok
09:49:55.0803 5104 ehRecvr (14ce384d2e27b64c256bda4dc39c312d) C:\Windows\ehome\ehRecvr.exe
09:49:55.0912 5104 ehRecvr - ok
09:49:55.0944 5104 ehSched (b93159c1313d66fdfbbe876f5189cd52) C:\Windows\ehome\ehsched.exe
09:49:55.0975 5104 ehSched - ok
09:49:55.0990 5104 ehstart (f5ee2527d74449868e3c3227a59bcd28) C:\Windows\ehome\ehstart.dll
09:49:56.0100 5104 ehstart - ok
09:49:56.0178 5104 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
09:49:56.0224 5104 elxstor - ok
09:49:56.0302 5104 EMDMgmt (a9b18b63a4fd6baab83326706d857fab) C:\Windows\system32\emdmgmt.dll
09:49:56.0443 5104 EMDMgmt - ok
09:49:56.0490 5104 ErrDev (991fab6aa066e1214efb5b496fb7959a) C:\Windows\system32\drivers\errdev.sys
09:49:56.0630 5104 ErrDev - ok
09:49:56.0692 5104 EventSystem (e12f22b73f153dece721cd45ec05b4af) C:\Windows\system32\es.dll
09:49:56.0802 5104 EventSystem - ok
09:49:56.0833 5104 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
09:49:56.0926 5104 exfat - ok
09:49:57.0020 5104 FACAP (2c1d443e14f376e8331f52f135dca9ef) C:\Windows\system32\DRIVERS\facap.sys
09:49:57.0036 5104 FACAP - ok
09:49:57.0207 5104 FAService (2b85d60e470acf871e4ef0db02e26861) C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
09:49:57.0410 5104 FAService - ok
09:49:57.0644 5104 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
09:49:57.0691 5104 fastfat - ok
09:49:57.0738 5104 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
09:49:57.0800 5104 fdc - ok
09:49:57.0847 5104 fdPHost (bb9267acacd8b7533dd936c34a0cba5e) C:\Windows\system32\fdPHost.dll
09:49:57.0909 5104 fdPHost - ok
09:49:57.0956 5104 FDResPub (300c80931eabbe1db7591c516efe8d0f) C:\Windows\system32\fdrespub.dll
09:49:58.0034 5104 FDResPub - ok
09:49:58.0065 5104 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
09:49:58.0081 5104 FileInfo - ok
09:49:58.0096 5104 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
09:49:58.0143 5104 Filetrace - ok
09:49:58.0159 5104 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
09:49:58.0206 5104 flpydisk - ok
09:49:58.0252 5104 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
09:49:58.0268 5104 FltMgr - ok
09:49:58.0440 5104 FontCache (be1c5bd1ca7ed015bc6fa1ae67e592c8) C:\Windows\system32\FntCache.dll
09:49:58.0611 5104 FontCache - ok
09:49:58.0752 5104 FontCache3.0.0.0 (bc5b0be5af3510b0fd8c140ee42c6d3e) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:49:58.0767 5104 FontCache3.0.0.0 - ok
09:49:58.0908 5104 FOXOSDService (89e7f428762eca1d411bd1524b6846df) C:\Program Files (x86)\DELL\OSD\OSDSvr.exe
09:49:58.0923 5104 FOXOSDService ( UnsignedFile.Multi.Generic ) - warning
09:49:58.0923 5104 FOXOSDService - detected UnsignedFile.Multi.Generic (1)
09:49:58.0986 5104 Fs_Rec (5779b86cd8b32519fbecb136394d946a) C:\Windows\system32\drivers\Fs_Rec.sys
09:49:59.0064 5104 Fs_Rec - ok
09:49:59.0610 5104 FXOSDDRV (0e0292ab71267c1e3a71a9e43dab92e1) C:\Windows\system32\DRIVERS\FxOSDdrv64.sys
09:49:59.0610 5104 FXOSDDRV - ok
09:49:59.0641 5104 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
09:49:59.0656 5104 gagp30kx - ok
09:49:59.0734 5104 GamingWonderlandService (622fcf264119f7df127be353f796b319) C:\PROGRA~2\GAMING~2\bar\1.bin\gtbarsvc.exe
09:49:59.0750 5104 GamingWonderlandService - ok
09:49:59.0875 5104 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
09:49:59.0890 5104 GoToAssist - ok
09:49:59.0953 5104 gpsvc (a0e1b575ba8f504968cd40c0faeb2384) C:\Windows\System32\gpsvc.dll
09:50:00.0031 5104 gpsvc - ok
09:50:00.0265 5104 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:50:00.0280 5104 gupdate - ok
09:50:00.0390 5104 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:50:00.0405 5104 gupdatem - ok
09:50:00.0670 5104 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
09:50:00.0764 5104 HDAudBus - ok
09:50:00.0811 5104 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
09:50:00.0904 5104 HidBth - ok
09:50:00.0920 5104 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
09:50:01.0014 5104 HidIr - ok
09:50:01.0060 5104 hidserv (59361d38a297755d46a540e450202b2a) C:\Windows\system32\hidserv.dll
09:50:01.0107 5104 hidserv - ok
09:50:01.0154 5104 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
09:50:01.0185 5104 HidUsb - ok
09:50:01.0232 5104 hkmsvc (b12f367ea39c0795fd57e31242ce1a5a) C:\Windows\system32\kmsvc.dll
09:50:01.0279 5104 hkmsvc - ok
09:50:01.0357 5104 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
09:50:01.0388 5104 HpCISSs - ok
09:50:01.0435 5104 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
09:50:01.0528 5104 HTTP - ok
09:50:01.0544 5104 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
09:50:01.0560 5104 i2omp - ok
09:50:01.0591 5104 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
09:50:01.0638 5104 i8042prt - ok
09:50:01.0684 5104 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
09:50:01.0716 5104 iaStorV - ok
09:50:01.0840 5104 idsvc (749f5f8cedca70f2a512945325fc489d) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:50:01.0887 5104 idsvc - ok
09:50:01.0918 5104 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
09:50:01.0934 5104 iirsp - ok
09:50:01.0996 5104 IKEEXT (0c9ea6e654e7b0471741e343a6c671af) C:\Windows\System32\ikeext.dll
09:50:02.0090 5104 IKEEXT - ok
09:50:02.0168 5104 IntcAzAudAddService (49a1c3833af724b2555c0689347dcd05) C:\Windows\system32\drivers\RTKVHD64.sys
09:50:02.0262 5104 IntcAzAudAddService - ok
09:50:02.0449 5104 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
09:50:02.0464 5104 intelide - ok
09:50:02.0480 5104 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
09:50:02.0527 5104 intelppm - ok
09:50:02.0574 5104 IPBusEnum (5624bc1bc5eeb49c0ab76a8114f05ea3) C:\Windows\system32\ipbusenum.dll
09:50:02.0620 5104 IPBusEnum - ok
09:50:02.0652 5104 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:50:02.0714 5104 IpFilterDriver - ok
09:50:02.0761 5104 iphlpsvc (bf0dbfa9792c5c14fa00f61c75116c1b) C:\Windows\System32\iphlpsvc.dll
09:50:02.0870 5104 iphlpsvc - ok
09:50:02.0870 5104 IpInIp - ok
09:50:02.0948 5104 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
09:50:02.0995 5104 IPMIDRV - ok
09:50:03.0010 5104 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
09:50:03.0073 5104 IPNAT - ok
09:50:03.0120 5104 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
09:50:03.0151 5104 IRENUM - ok
09:50:03.0182 5104 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
09:50:03.0198 5104 isapnp - ok
09:50:03.0260 5104 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
09:50:03.0276 5104 iScsiPrt - ok
09:50:03.0307 5104 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
09:50:03.0322 5104 iteatapi - ok
09:50:03.0338 5104 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
09:50:03.0354 5104 iteraid - ok
09:50:03.0416 5104 jswpsapi - ok
09:50:03.0463 5104 JSWPSLWF (5be640e88814b77a9e84b4549b5dcc2c) C:\Windows\system32\DRIVERS\jswpslwfx.sys
09:50:03.0541 5104 JSWPSLWF - ok
09:50:03.0603 5104 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
09:50:03.0619 5104 kbdclass - ok
09:50:03.0634 5104 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
09:50:03.0681 5104 kbdhid - ok
09:50:03.0744 5104 KeyIso (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
09:50:03.0868 5104 KeyIso - ok
09:50:38.0585 5104 WSWNDA3100 (2a7db6a6f2c2e7cb40311d5b9340060d) C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
09:50:38.0594 5104 WSWNDA3100 ( UnsignedFile.Multi.Generic ) - warning
09:50:38.0594 5104 WSWNDA3100 - detected UnsignedFile.Multi.Generic (1)
09:50:39.0376 5104 MBR (0x1B8) (faf3db026c90f586e5993588661e2612) \Device\Harddisk0\DR0
09:50:39.0404 5104 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
09:50:39.0404 5104 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
09:50:39.0464 5104 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
09:50:39.0464 5104 \Device\Harddisk0\DR0 - detected TDSS File System (1)
09:50:39.0494 5104 Boot (0x1200) (37d0e85aaf898b480daa3466033dc416) \Device\Harddisk0\DR0\Partition0
09:50:39.0497 5104 \Device\Harddisk0\DR0\Partition0 - ok
09:50:39.0512 5104 Boot (0x1200) (191589481aaad8d517a62f2fe8feaa37) \Device\Harddisk0\DR0\Partition1
09:50:39.0515 5104 \Device\Harddisk0\DR0\Partition1 - ok
09:50:39.0516 5104 ============================================================
09:50:39.0516 5104 Scan finished
09:50:39.0516 5104 ============================================================
09:50:39.0540 3676 Detected object count: 4
09:50:39.0540 3676 Actual detected object count: 4
09:51:40.0988 3676 FOXOSDService ( UnsignedFile.Multi.Generic ) - skipped by user
09:51:40.0989 3676 FOXOSDService ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:51:40.0991 3676 WSWNDA3100 ( UnsignedFile.Multi.Generic ) - skipped by user
09:51:40.0991 3676 WSWNDA3100 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:51:41.0692 3676 \Device\Harddisk0\DR0\# - copied to quarantine
09:51:41.0693 3676 \Device\Harddisk0\DR0 - copied to quarantine
09:51:41.0768 3676 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
09:51:41.0771 3676 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
09:51:41.0780 3676 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
09:51:41.0788 3676 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
09:51:41.0827 3676 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
09:51:41.0842 3676 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
09:51:41.0844 3676 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
09:51:41.0847 3676 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
09:51:41.0850 3676 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
09:51:41.0855 3676 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
09:51:41.0860 3676 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
09:51:41.0863 3676 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
09:51:41.0896 3676 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
09:51:41.0898 3676 \Device\Harddisk0\DR0 - ok
09:51:42.0699 3676 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
09:51:42.0699 3676 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
09:51:42.0700 3676 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip



#14
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK re-run TDSSKiller please with the same settings - when you see the following then select delete:

\Device\Harddisk0\DR0 ( TDSS File System )

Could you then run one further OTL quick scan please and let me know how the computer is behaving?

#15
cazzaren


    Member

  • Topic Starter
  • Member
  • 17 posts
Did as asked, deleted the file and the report was:

14:03:59.0109 4004 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
14:03:59.0470 4004 ============================================================
14:03:59.0470 4004 Current date / time: 2012/05/20 14:03:59.0470
14:03:59.0470 4004 SystemInfo:
14:03:59.0471 4004
14:03:59.0471 4004 OS Version: 6.0.6002 ServicePack: 2.0
14:03:59.0471 4004 Product type: Workstation
14:03:59.0471 4004 ComputerName: ELEBYFAMILY-PC
14:03:59.0471 4004 UserName: Donna
14:03:59.0471 4004 Windows directory: C:\Windows
14:03:59.0471 4004 System windows directory: C:\Windows
14:03:59.0471 4004 Running under WOW64
14:03:59.0471 4004 Processor architecture: Intel x64
14:03:59.0471 4004 Number of processors: 2
14:03:59.0471 4004 Page size: 0x1000
14:03:59.0471 4004 Boot type: Normal boot
14:03:59.0471 4004 ============================================================
14:04:05.0802 4004 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:04:05.0833 4004 ============================================================
14:04:05.0833 4004 \Device\Harddisk0\DR0:
14:04:05.0834 4004 MBR partitions:
14:04:05.0834 4004 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
14:04:05.0834 4004 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x236CE2B0
14:04:05.0834 4004 ============================================================
14:04:05.0930 4004 C: <-> \Device\Harddisk0\DR0\Partition1
14:04:05.0992 4004 D: <-> \Device\Harddisk0\DR0\Partition0
14:04:05.0992 4004 ============================================================
14:04:05.0992 4004 Initialize success
14:04:05.0992 4004 ============================================================
14:04:13.0899 0300 ============================================================
14:04:13.0899 0300 Scan started
14:04:13.0899 0300 Mode: Manual; SigCheck; TDLFS;
14:04:13.0899 0300 ============================================================
14:04:37.0026 0300 FOXOSDService (89e7f428762eca1d411bd1524b6846df) C:\Program Files (x86)\DELL\OSD\OSDSvr.exe
14:04:37.0040 0300 FOXOSDService ( UnsignedFile.Multi.Generic ) - warning
14:04:37.0040 0300 FOXOSDService - detected UnsignedFile.Multi.Generic (1)
14:04:58.0065 0300 Netman - ok
14:04:58.0111 0300 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll
14:04:58.0155 0300 netprofm - ok
14:04:58.0313 0300 NetTcpPortSharing (74751dda198165947fd7454d83f49825) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:04:58.0336 0300 NetTcpPortSharing - ok
14:04:58.0372 0300 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
14:04:58.0384 0300 nfrd960 - ok
14:04:58.0520 0300 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll
14:04:58.0569 0300 NlaSvc - ok
14:04:58.0773 0300 NPF (c31fa031335eff434b2d94278e74bcce) C:\Windows\system32\DRIVERS\npf.sys
14:04:58.0789 0300 NPF - ok
14:04:58.0816 0300 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
14:04:58.0853 0300 Npfs - ok
14:04:58.0957 0300 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll
14:04:59.0016 0300 nsi - ok
14:04:59.0131 0300 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
14:04:59.0177 0300 nsiproxy - ok
14:04:59.0559 0300 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
14:04:59.0857 0300 Ntfs - ok
14:05:00.0364 0300 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
14:05:00.0400 0300 Null - ok
14:05:00.0431 0300 nvamacpi (d60eb33d07a8c0d9cca4265480a6cab6) C:\Windows\system32\DRIVERS\NVAMACPI.sys
14:05:00.0443 0300 nvamacpi - ok
14:05:03.0612 0300 nvlddmkm (9c1996dd3c0469bc8933321f15709f5a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:05:04.0116 0300 nvlddmkm - ok
14:05:04.0907 0300 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
14:05:04.0931 0300 nvraid - ok
14:05:05.0046 0300 nvsmu (61a59fb62864eb3f32d24985a505ce03) C:\Windows\system32\DRIVERS\nvsmu.sys
14:05:05.0055 0300 nvsmu - ok
14:05:05.0118 0300 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
14:05:05.0132 0300 nvstor - ok
14:05:05.0163 0300 nvstor64 (71b6ecd3c56fbf12fb1968da3953b703) C:\Windows\system32\DRIVERS\nvstor64.sys
14:05:05.0178 0300 nvstor64 - ok
14:05:05.0567 0300 nvsvc (2d7092fec9bd2aca199673bba2ba9277) C:\Windows\system32\nvvsvc.exe
14:05:05.0647 0300 nvsvc - ok
14:05:06.0462 0300 nvUpdatusService (7e22de30e222bfdfcec7e77032baf3cd) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
14:05:06.0567 0300 nvUpdatusService - ok
14:05:07.0726 0300 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
14:05:07.0744 0300 nv_agp - ok
14:05:07.0748 0300 NwlnkFlt - ok
14:05:07.0757 0300 NwlnkFwd - ok
14:05:07.0842 0300 ohci1394 (7b58953e2f263421fdbb09a192712a85) C:\Windows\system32\drivers\ohci1394.sys
14:05:07.0916 0300 ohci1394 - ok
14:05:08.0063 0300 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:05:08.0081 0300 ose - ok
14:05:10.0710 0300 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:05:10.0922 0300 osppsvc - ok
14:05:11.0993 0300 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
14:05:12.0068 0300 p2pimsvc - ok
14:05:12.0078 0300 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
14:05:12.0138 0300 p2psvc - ok
14:05:12.0406 0300 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
14:05:12.0556 0300 Parport - ok
14:05:12.0599 0300 partmgr (b43751085e2abe389da466bc62a4b987) C:\Windows\system32\drivers\partmgr.sys
14:05:12.0613 0300 partmgr - ok
14:05:12.0731 0300 PCAMp50a64 (304e6ac43613a9c43896c4300009442b) C:\Windows\system32\Drivers\PCAMp50a64.sys
14:05:12.0746 0300 PCAMp50a64 - ok
14:05:13.0071 0300 PCASp50a64 (18b6869e23937175144e6f1d3cb85fc2) C:\Windows\system32\Drivers\PCASp50a64.sys
14:05:13.0081 0300 PCASp50a64 - ok
14:05:13.0112 0300 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
14:05:13.0170 0300 PcaSvc - ok
14:05:14.0814 0300 PCD5SRVC{048DBD20-445E8C82-05040104} (58c1cd52347c4835dc3606cd4723f426) C:\PROGRA~2\DELLSU~1\HWDiag\bin\PCD5SRVC_x64.pkms
14:05:14.0999 0300 PCD5SRVC{048DBD20-445E8C82-05040104} - ok
14:05:15.0564 0300 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
14:05:15.0585 0300 pci - ok
14:05:15.0949 0300 pciide (8d618c829034479985a9ed56106cc732) C:\Windows\system32\drivers\pciide.sys
14:05:15.0965 0300 pciide - ok
14:05:16.0087 0300 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
14:05:16.0106 0300 pcmcia - ok
14:05:16.0557 0300 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
14:05:16.0695 0300 PEAUTH - ok
14:05:17.0220 0300 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
14:05:17.0271 0300 PerfHost - ok
14:05:18.0182 0300 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
14:05:18.0294 0300 pla - ok
14:05:18.0353 0300 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll
14:05:18.0395 0300 PlugPlay - ok
14:05:18.0413 0300 PnkBstrA - ok
14:05:18.0470 0300 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
14:05:18.0497 0300 PNRPAutoReg - ok
14:05:18.0507 0300 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
14:05:18.0537 0300 PNRPsvc - ok
14:05:18.0629 0300 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll
14:05:18.0687 0300 PolicyAgent - ok
14:05:18.0754 0300 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
14:05:18.0794 0300 PptpMiniport - ok
14:05:18.0838 0300 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
14:05:18.0909 0300 Processor - ok
14:05:18.0952 0300 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll
14:05:18.0985 0300 ProfSvc - ok
14:05:19.0013 0300 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
14:05:19.0036 0300 ProtectedStorage - ok
14:05:19.0084 0300 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
14:05:19.0114 0300 PSched - ok
14:05:19.0166 0300 PxHlpa64 (46851bc18322da70f3f2299a1007c479) C:\Windows\system32\Drivers\PxHlpa64.sys
14:05:19.0180 0300 PxHlpa64 - ok
14:05:19.0262 0300 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
14:05:19.0329 0300 ql2300 - ok
14:05:19.0355 0300 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
14:05:19.0371 0300 ql40xx - ok
14:05:19.0474 0300 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
14:05:19.0498 0300 QWAVE - ok
14:05:19.0520 0300 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
14:05:19.0548 0300 QWAVEdrv - ok
14:05:19.0669 0300 R300 (2a09a6b271d1f50adf5e33b37d460de6) C:\Windows\system32\DRIVERS\atikmdag.sys
14:05:19.0832 0300 R300 - ok
14:05:19.0990 0300 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
14:05:20.0054 0300 RasAcd - ok
14:05:20.0112 0300 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
14:05:20.0177 0300 RasAuto - ok
14:05:20.0211 0300 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:05:20.0264 0300 Rasl2tp - ok
14:05:20.0307 0300 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
14:05:20.0338 0300 RasMan - ok
14:05:20.0356 0300 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
14:05:20.0410 0300 RasPppoe - ok
14:05:20.0423 0300 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
14:05:20.0468 0300 RasSstp - ok
14:05:20.0501 0300 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
14:05:20.0533 0300 rdbss - ok
14:05:20.0612 0300 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:05:20.0653 0300 RDPCDD - ok
14:05:20.0677 0300 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
14:05:20.0726 0300 rdpdr - ok
14:05:20.0733 0300 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
14:05:20.0797 0300 RDPENCDD - ok
14:05:20.0854 0300 RDPWD (5c141fc457f1ac833664789235aca673) C:\Windows\system32\drivers\RDPWD.sys
14:05:20.0941 0300 RDPWD - ok
14:05:20.0979 0300 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
14:05:21.0049 0300 RemoteAccess - ok
14:05:21.0103 0300 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
14:05:21.0146 0300 RemoteRegistry - ok
14:05:21.0167 0300 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
14:05:21.0201 0300 RpcLocator - ok
14:05:21.0254 0300 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
14:05:21.0298 0300 RpcSs - ok
14:05:21.0338 0300 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
14:05:21.0378 0300 rspndr - ok
14:05:21.0407 0300 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
14:05:21.0421 0300 SamSs - ok
14:05:21.0471 0300 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
14:05:21.0492 0300 sbp2port - ok
14:05:21.0523 0300 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
14:05:21.0606 0300 SCardSvr - ok
14:05:21.0720 0300 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
14:05:21.0820 0300 Schedule - ok
14:05:21.0880 0300 SCMNdisP (6011cdf54bb6f4c69f38faccdad73d7e) C:\Windows\system32\DRIVERS\scmndisp.sys
14:05:21.0897 0300 SCMNdisP - ok
14:05:21.0923 0300 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
14:05:21.0959 0300 SCPolicySvc - ok
14:05:22.0000 0300 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
14:05:22.0083 0300 SDRSVC - ok
14:05:22.0107 0300 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:05:22.0176 0300 secdrv - ok
14:05:22.0192 0300 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
14:05:22.0234 0300 seclogon - ok
14:05:22.0255 0300 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
14:05:22.0299 0300 SENS - ok
14:05:22.0315 0300 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
14:05:22.0366 0300 Serenum - ok
14:05:22.0382 0300 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
14:05:22.0434 0300 Serial - ok
14:05:22.0442 0300 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
14:05:22.0478 0300 sermouse - ok
14:05:22.0506 0300 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
14:05:22.0573 0300 SessionEnv - ok
14:05:22.0612 0300 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
14:05:22.0675 0300 sffdisk - ok
14:05:22.0681 0300 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
14:05:22.0748 0300 sffp_mmc - ok
14:05:22.0755 0300 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
14:05:22.0820 0300 sffp_sd - ok
14:05:22.0826 0300 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
14:05:22.0900 0300 sfloppy - ok
14:05:22.0956 0300 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll
14:05:23.0003 0300 SharedAccess - ok
14:05:23.0095 0300 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
14:05:23.0146 0300 ShellHWDetection - ok
14:05:23.0429 0300 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
14:05:23.0444 0300 SiSRaid2 - ok
14:05:23.0490 0300 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
14:05:23.0608 0300 SiSRaid4 - ok
14:05:23.0767 0300 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
14:05:23.0923 0300 slsvc - ok
14:05:24.0054 0300 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
14:05:24.0113 0300 SLUINotify - ok
14:05:24.0147 0300 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
14:05:24.0214 0300 Smb - ok
14:05:24.0283 0300 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
14:05:24.0306 0300 SNMPTRAP - ok
14:05:24.0321 0300 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
14:05:24.0336 0300 spldr - ok
14:05:24.0408 0300 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
14:05:24.0450 0300 Spooler - ok
14:05:24.0538 0300 sprtsvc_DellSupportCenter (d630b6f2e8379b6f10dc16e82a426552) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
14:05:24.0551 0300 sprtsvc_DellSupportCenter - ok
14:05:24.0620 0300 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
14:05:24.0657 0300 srv - ok
14:05:24.0725 0300 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
14:05:24.0748 0300 srv2 - ok
14:05:24.0766 0300 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
14:05:24.0782 0300 srvnet - ok
14:05:24.0818 0300 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
14:05:24.0855 0300 SSDPSRV - ok
14:05:24.0890 0300 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
14:05:24.0907 0300 SstpSvc - ok
14:05:24.0953 0300 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll
14:05:25.0049 0300 stisvc - ok
14:05:25.0144 0300 stllssvr (1d0063597c3666404fcf97698abeb019) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
14:05:25.0160 0300 stllssvr - ok
14:05:25.0202 0300 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
14:05:25.0219 0300 swenum - ok
14:05:25.0259 0300 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll
14:05:25.0342 0300 swprv - ok
14:05:25.0401 0300 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
14:05:25.0413 0300 Symc8xx - ok
14:05:25.0428 0300 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
14:05:25.0441 0300 Sym_hi - ok
14:05:25.0456 0300 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
14:05:25.0468 0300 Sym_u3 - ok
14:05:25.0540 0300 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll
14:05:25.0679 0300 SysMain - ok
14:05:25.0763 0300 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
14:05:25.0800 0300 TabletInputService - ok
14:05:25.0851 0300 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll
14:05:25.0906 0300 TapiSrv - ok
14:05:25.0945 0300 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
14:05:25.0980 0300 TBS - ok
14:05:26.0116 0300 Tcpip (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\drivers\tcpip.sys
14:05:26.0204 0300 Tcpip - ok
14:05:26.0366 0300 Tcpip6 (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\DRIVERS\tcpip.sys
14:05:26.0412 0300 Tcpip6 - ok
14:05:26.0553 0300 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
14:05:26.0625 0300 tcpipreg - ok
14:05:26.0690 0300 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
14:05:26.0751 0300 TDPIPE - ok
14:05:26.0779 0300 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
14:05:26.0822 0300 TDTCP - ok
14:05:26.0855 0300 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
14:05:26.0903 0300 tdx - ok
14:05:26.0943 0300 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
14:05:26.0965 0300 TermDD - ok
14:05:27.0033 0300 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll
14:05:27.0105 0300 TermService - ok
14:05:27.0199 0300 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll
14:05:27.0236 0300 Themes - ok
14:05:27.0277 0300 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
14:05:27.0333 0300 THREADORDER - ok
14:05:27.0449 0300 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
14:05:27.0522 0300 TrkWks - ok
14:05:27.0656 0300 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe
14:05:27.0699 0300 TrustedInstaller - ok
14:05:27.0732 0300 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:05:27.0790 0300 tssecsrv - ok
14:05:27.0827 0300 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
14:05:27.0864 0300 tunmp - ok
14:05:27.0956 0300 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
14:05:27.0993 0300 tunnel - ok
14:05:28.0002 0300 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
14:05:28.0016 0300 uagp35 - ok
14:05:28.0086 0300 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
14:05:28.0142 0300 udfs - ok
14:05:28.0191 0300 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
14:05:28.0243 0300 UI0Detect - ok
14:05:28.0260 0300 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
14:05:28.0276 0300 uliagpkx - ok
14:05:28.0307 0300 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
14:05:28.0326 0300 uliahci - ok
14:05:28.0355 0300 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
14:05:28.0373 0300 UlSata - ok
14:05:28.0390 0300 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
14:05:28.0421 0300 ulsata2 - ok
14:05:28.0438 0300 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
14:05:28.0472 0300 umbus - ok
14:05:29.0045 0300 UpdaterService (132211270f2e846c4cd1c7bec980999a) C:\ProgramData\UpdaterService\wsupdsvc.exe
14:05:29.0083 0300 UpdaterService - ok
14:05:29.0161 0300 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
14:05:29.0238 0300 upnphost - ok
14:05:29.0318 0300 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
14:05:29.0354 0300 usbccgp - ok
14:05:29.0382 0300 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
14:05:29.0448 0300 usbcir - ok
14:05:29.0507 0300 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
14:05:29.0556 0300 usbehci - ok
14:05:29.0612 0300 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
14:05:29.0647 0300 usbhub - ok
14:05:29.0665 0300 usbohci (e406b003a354776d317762694956b0fc) C:\Windows\system32\DRIVERS\usbohci.sys
14:05:29.0698 0300 usbohci - ok
14:05:29.0724 0300 usbprint (acfee697af477021bb3ec78c5431fed2) C:\Windows\system32\drivers\usbprint.sys
14:05:29.0796 0300 usbprint - ok
14:05:29.0850 0300 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:05:29.0880 0300 USBSTOR - ok
14:05:29.0895 0300 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
14:05:29.0927 0300 usbuhci - ok
14:05:29.0962 0300 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
14:05:30.0003 0300 usbvideo - ok
14:05:30.0102 0300 usb_rndisx (1e36bb1a3c5aaf2aa9fa9a126df8c16c) C:\Windows\system32\DRIVERS\usb8023x.sys
14:05:30.0134 0300 usb_rndisx - ok
14:05:30.0194 0300 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll
14:05:30.0229 0300 UxSms - ok
14:05:30.0270 0300 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe
14:05:30.0311 0300 vds - ok
14:05:30.0336 0300 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
14:05:30.0384 0300 vga - ok
14:05:30.0395 0300 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
14:05:30.0456 0300 VgaSave - ok
14:05:30.0477 0300 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
14:05:30.0490 0300 viaide - ok
14:05:30.0525 0300 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
14:05:30.0542 0300 volmgr - ok
14:05:30.0624 0300 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
14:05:30.0649 0300 volmgrx - ok
14:05:30.0709 0300 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
14:05:30.0732 0300 volsnap - ok
14:05:30.0764 0300 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
14:05:30.0783 0300 vsmraid - ok
14:05:30.0871 0300 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe
14:05:30.0949 0300 VSS - ok
14:05:31.0145 0300 vToolbarUpdater11.1.0 (5fa45791413acce628d5361458f32dde) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
14:05:31.0193 0300 vToolbarUpdater11.1.0 - ok
14:05:31.0326 0300 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll
14:05:31.0368 0300 W32Time - ok
14:05:31.0449 0300 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
14:05:31.0524 0300 WacomPen - ok
14:05:31.0633 0300 WajamUpdater - ok
14:05:31.0663 0300 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
14:05:31.0691 0300 Wanarp - ok
14:05:31.0697 0300 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
14:05:31.0723 0300 Wanarpv6 - ok
14:05:31.0765 0300 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll
14:05:31.0793 0300 wcncsvc - ok
14:05:31.0844 0300 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll
14:05:31.0891 0300 WcsPlugInService - ok
14:05:31.0935 0300 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
14:05:31.0948 0300 Wd - ok
14:05:31.0996 0300 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
14:05:32.0043 0300 Wdf01000 - ok
14:05:32.0062 0300 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
14:05:32.0098 0300 WdiServiceHost - ok
14:05:32.0102 0300 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
14:05:32.0137 0300 WdiSystemHost - ok
14:05:32.0171 0300 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll
14:05:32.0210 0300 WebClient - ok
14:05:32.0292 0300 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll
14:05:32.0330 0300 Wecsvc - ok
14:05:32.0354 0300 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll
14:05:32.0412 0300 wercplsupport - ok
14:05:32.0448 0300 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll
14:05:32.0480 0300 WerSvc - ok
14:05:32.0526 0300 WinDefend - ok
14:05:32.0537 0300 WinHttpAutoProxySvc - ok
14:05:32.0601 0300 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll
14:05:32.0647 0300 Winmgmt - ok
14:05:32.0798 0300 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll
14:05:33.0156 0300 WinRM - ok
14:05:33.0485 0300 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll
14:05:33.0583 0300 Wlansvc - ok
14:05:33.0672 0300 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys
14:05:33.0695 0300 WmiAcpi - ok
14:05:33.0780 0300 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe
14:05:33.0821 0300 wmiApSrv - ok
14:05:33.0907 0300 WMPNetworkSvc - ok
14:05:33.0965 0300 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll
14:05:34.0032 0300 WPCSvc - ok
14:05:34.0611 0300 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll
14:05:34.0682 0300 WPDBusEnum - ok
14:05:34.0731 0300 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
14:05:34.0746 0300 WpdUsb - ok
14:05:34.0949 0300 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:05:35.0014 0300 WPFFontCache_v0400 - ok
14:05:35.0076 0300 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
14:05:35.0131 0300 ws2ifsl - ok
14:05:35.0155 0300 wscsvc (9ea3e6d0ef7a5c2b9181961052a4b01a) C:\Windows\System32\wscsvc.dll
14:05:35.0180 0300 wscsvc - ok
14:05:35.0185 0300 WSearch - ok
14:05:35.0296 0300 WSWNDA3100 (2a7db6a6f2c2e7cb40311d5b9340060d) C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
14:05:35.0310 0300 WSWNDA3100 ( UnsignedFile.Multi.Generic ) - warning
14:05:35.0310 0300 WSWNDA3100 - detected UnsignedFile.Multi.Generic (1)
14:05:36.0119 0300 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
14:05:36.0387 0300 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
14:05:36.0387 0300 \Device\Harddisk0\DR0 - detected TDSS File System (1)
14:05:36.0421 0300 Boot (0x1200) (37d0e85aaf898b480daa3466033dc416) \Device\Harddisk0\DR0\Partition0
14:05:36.0423 0300 \Device\Harddisk0\DR0\Partition0 - ok
14:05:36.0429 0300 Boot (0x1200) (191589481aaad8d517a62f2fe8feaa37) \Device\Harddisk0\DR0\Partition1
14:05:36.0430 0300 \Device\Harddisk0\DR0\Partition1 - ok
14:05:36.0432 0300 ============================================================
14:05:36.0433 0300 Scan finished
14:05:36.0433 0300 ============================================================
14:05:36.0459 5536 Detected object count: 3
14:05:36.0459 5536 Actual detected object count: 3
14:05:48.0402 5536 FOXOSDService ( UnsignedFile.Multi.Generic ) - skipped by user
14:05:48.0402 5536 FOXOSDService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:05:48.0405 5536 WSWNDA3100 ( UnsignedFile.Multi.Generic ) - skipped by user
14:05:48.0405 5536 WSWNDA3100 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:05:48.0487 5536 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
14:05:48.0515 5536 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
14:05:48.0525 5536 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
14:05:48.0535 5536 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
14:05:48.0569 5536 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
14:05:48.0583 5536 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
14:05:48.0586 5536 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
14:05:48.0589 5536 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
14:05:48.0592 5536 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
14:05:48.0596 5536 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
14:05:48.0600 5536 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
14:05:48.0603 5536 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
14:05:48.0604 5536 \Device\Harddisk0\DR0\TDLFS - deleted
14:05:48.0604 5536 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete


I did the quick scan and got,

OTL logfile created on: 5/20/2012 2:07:49 PM - Run 4
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Donna\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 1.06 Gb Available Physical Memory | 38.70% Memory free
5.72 Gb Paging File | 3.44 Gb Available in Paging File | 60.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 156.45 Gb Free Space | 55.20% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 13.60 Gb Free Space | 92.83% Space Free | Partition Type: NTFS
Drive E: | 3.28 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: ELEBYFAMILY-PC | User Name: Donna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/18 19:30:55 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Donna\Downloads\OTL.com
PRC - [2012/05/17 19:08:10 | 000,935,480 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
PRC - [2012/05/04 21:33:08 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/04/28 19:55:11 | 000,549,744 | ---- | M] () -- C:\ProgramData\UpdaterService\wsupdsvc.exe
PRC - [2012/03/16 21:04:18 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbrmon.exe
PRC - [2012/01/19 01:50:51 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/01/18 19:18:25 | 003,082,320 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2012/01/03 17:31:34 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011/10/15 03:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/04/23 22:17:26 | 001,994,936 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
PRC - [2011/04/23 22:17:26 | 000,098,488 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
PRC - [2011/04/23 22:17:08 | 002,412,728 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/02/11 11:00:12 | 003,280,896 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/11/04 16:31:02 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
PRC - [2009/01/29 12:13:20 | 000,252,248 | ---- | M] () -- C:\Program Files (x86)\NextWindow\NextWindowGSA.exe
PRC - [2009/01/08 15:00:44 | 000,516,096 | ---- | M] (Dell Corporation) -- C:\Program Files (x86)\DELL\OSD\AIO_OSD.exe
PRC - [2008/12/22 15:59:12 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\DELL\OSD\OSDSvr.exe
PRC - [2008/12/17 23:27:22 | 004,823,928 | ---- | M] (Dell Inc. and SightSpeed Inc.) -- C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe
PRC - [2008/12/16 21:14:42 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/12/16 21:14:42 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/05/23 14:06:08 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/18 03:44:13 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/05/18 03:41:56 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/05/18 03:41:32 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012/05/17 19:08:15 | 000,132,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll
MOD - [2012/05/04 21:33:08 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/01/18 19:18:25 | 003,082,320 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2012/01/16 21:08:53 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/04/23 22:18:10 | 000,100,208 | ---- | M] () -- C:\Windows\SysWOW64\FAIEExtension.dll
MOD - [2011/04/23 22:17:32 | 000,062,136 | ---- | M] () -- C:\Windows\SysWOW64\FAib.dll
MOD - [2011/04/23 22:16:44 | 000,250,552 | ---- | M] () -- C:\Windows\SysWOW64\FACrashRpt.dll
MOD - [2010/02/11 11:00:12 | 003,280,896 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
MOD - [2010/01/21 02:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 21:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/09/03 12:15:48 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvcLib.dll
MOD - [2009/01/29 12:13:20 | 000,252,248 | ---- | M] () -- C:\Program Files (x86)\NextWindow\NextWindowGSA.exe
MOD - [2008/12/17 23:24:14 | 006,510,416 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtGui4.dll
MOD - [2008/12/17 23:24:14 | 001,657,168 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtCore4.dll
MOD - [2008/12/17 23:24:14 | 000,396,112 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtOpenGL4.dll
MOD - [2008/12/17 23:24:14 | 000,366,928 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtNetwork4.dll
MOD - [2008/12/17 23:24:14 | 000,027,472 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\SDL.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/05/31 20:32:58 | 000,244,840 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2010/05/31 20:32:58 | 000,199,032 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2010/05/31 20:32:58 | 000,148,520 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2010/04/15 09:45:10 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2009/01/07 05:15:56 | 000,088,576 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/05/17 19:08:10 | 000,935,480 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0)
SRV - [2012/05/04 21:33:09 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/28 19:55:11 | 000,549,744 | ---- | M] () [Auto | Running] -- C:\ProgramData\UpdaterService\wsupdsvc.exe -- (UpdaterService)
SRV - [2012/01/19 01:50:51 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/15 03:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/04/23 22:17:08 | 002,412,728 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService)
SRV - [2010/06/12 09:52:30 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/11/04 16:31:02 | 000,278,528 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe -- (WSWNDA3100)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/12/22 15:59:12 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\DELL\OSD\OSDSvr.exe -- (FOXOSDService)
SRV - [2008/12/16 21:14:42 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/02/29 08:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2010/05/31 20:32:58 | 000,528,616 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2010/05/31 20:32:58 | 000,440,688 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2010/05/31 20:32:58 | 000,279,752 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2010/05/31 20:32:58 | 000,189,880 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2010/05/31 20:32:58 | 000,121,504 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2010/05/31 20:32:58 | 000,093,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2010/05/31 20:32:58 | 000,075,288 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2010/05/31 20:32:58 | 000,062,416 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2009/11/24 19:33:50 | 000,028,264 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\NVAMACPI.sys -- (nvamacpi)
DRV:64bit: - [2009/10/20 11:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\npf.sys -- (NPF)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/05/05 13:09:46 | 000,789,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bcmwlhigh664.sys -- (BCMH43XX)
DRV:64bit: - [2009/04/11 00:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/04/08 15:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2009/01/07 05:25:52 | 000,252,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2008/11/28 09:31:02 | 000,015,448 | ---- | M] (Foxconn Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\FxOSDdrv64.sys -- (FXOSDDRV)
DRV:64bit: - [2008/10/01 17:44:06 | 000,026,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\jswpslwfx.sys -- (JSWPSLWF)
DRV:64bit: - [2008/09/24 19:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\facap.sys -- (FACAP)
DRV:64bit: - [2008/01/20 21:46:55 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel®
DRV:64bit: - [2007/11/14 03:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2007/01/19 19:24:24 | 000,025,312 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\scmndisp.sys -- (SCMNdisP)
DRV:64bit: - [2006/11/28 22:46:20 | 000,043,328 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\PCAMp50a64.sys -- (PCAMp50a64)
DRV:64bit: - [2006/11/28 22:46:20 | 000,041,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\PCASp50a64.sys -- (PCASp50a64)
DRV:64bit: - [2006/11/02 02:48:50 | 002,488,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/11/04 18:16:40 | 000,028,152 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Dell Support Center\HWDiag\bin\pcd5srvc_x64.pkms -- (PCD5SRVC{048DBD20-445E8C82-05040104})


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.c...sa&d=2012-05-17 19:08:17&v=11.1.0.7&sap=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}: "URL" = http://www.basicscan...s={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7SKPB_en
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-05-17 19:08:17&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://isearch.avg.c...9:08:17&sap=hp"
FF - prefs.js..keyword.URL: "http://isearch.avg.c...8:17&sap=ku&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Donna\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\ [2011/06/15 23:03:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\SDIV 2.0\Lib\xpi [2012/04/23 09:08:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\11.1.0.7\ [2012/05/17 19:09:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/05/04 21:33:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\WhiteSmokeTranslator\WCaptureMoz

[2012/01/16 20:25:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Donna\AppData\Roaming\mozilla\Extensions
[2012/05/20 10:07:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Donna\AppData\Roaming\mozilla\Firefox\Profiles\vdvzpmhl.default\extensions
[2012/04/15 01:41:03 | 000,000,000 | ---D | M] (LavaFox V2) -- C:\Users\Donna\AppData\Roaming\mozilla\Firefox\Profiles\vdvzpmhl.default\extensions\[email protected]
[2012/02/20 22:58:26 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Donna\AppData\Roaming\mozilla\Firefox\Profiles\vdvzpmhl.default\extensions\[email protected]
[2012/01/03 17:27:44 | 000,002,333 | ---- | M] () -- C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\vdvzpmhl.default\searchplugins\askcom.xml
[2012/05/19 15:37:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/04/23 09:08:12 | 000,000,000 | ---D | M] ("fbdownloader") -- C:\PROGRAM FILES (X86)\SDIV 2.0\LIB\XPI
[2012/05/17 19:09:36 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\11.1.0.7
[2012/05/04 21:33:09 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/05/17 19:07:59 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/04/08 10:53:28 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/04/08 10:53:28 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://isearch.avg.c...sa&d=2012-05-17 19:08:17&v=11.1.0.7&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://clients5.goog...outputEncoding}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: registryAccess (Enabled) = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaaooaijelonlmbcbjkocdnicdfmo\7.15.1.22682_0\background/registryAccess.dll
CHR - plugin: Wajam (Enabled) = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.23_0\plugins/PriamNPAPI.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Donna\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Frostwire Toolbar = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaaooaijelonlmbcbjkocdnicdfmo\7.15.1.22682_0\
CHR - Extension: FBDownloader = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pollkeobaahnbmpcgombjfibedabcddd\1.0.4_0\

O1 HOSTS File: ([2012/05/19 15:43:01 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100907205750.dll (McAfee, Inc.)
O2:64bit: - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision )
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (FBDownloader BHO) - {553318DA-D010-469E-84B1-496563CAE1BF} - C:\Program Files (x86)\HTTO Group, Ltd\FBDownloader IE Add-on\FBDownloader.dll (HTTO Group, Ltd)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20100907205751.dll (McAfee, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll File not found
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll File not found
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe File not found
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [FAStartup] File not found
O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision )
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] c:\Program Files (x86)\Dell\Dell TouchCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" File not found
O4 - HKCU..\Run: [SightSpeed] C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe (Dell Inc. and SightSpeed Inc.)
O4 - HKLM..\RunOnce: [GamingWonderlandbar Uninstall] C:\Program Files (x86)\gtUninstall GamingWonderland.dll (MindSpark)
O4 - Startup: C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfar...etup1.0.1.1.cab (Reg Error: Key error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://aolsvc.aol.co...ploader_v10.cab (PopCapLoader Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FEF64894-8527-424E-B0EF-D752FC8D719B}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi for Dell\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll) - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll ()
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{7b7033b5-5c38-11e1-a030-0024e8103d4c}\Shell - "" = AutoRun
O33 - MountPoints2\{7b7033b5-5c38-11e1-a030-0024e8103d4c}\Shell\AutoRun\command - "" = F:\setup.exe -a
O33 - MountPoints2\{b2660798-847b-11e1-b131-0024e8103d4c}\Shell - "" = AutoRun
O33 - MountPoints2\{b2660798-847b-11e1-b131-0024e8103d4c}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Setup.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\Install.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/20 10:07:04 | 000,693,648 | ---- | C] (MindSpark) -- C:\Program Files (x86)\gtUninstall GamingWonderland.dll
[2012/05/20 10:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/05/20 09:51:41 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/05/20 09:48:52 | 002,126,424 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Donna\Desktop\tdsskiller.exe
[2012/05/19 18:13:30 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Donna\Desktop\aswMBR.exe
[2012/05/19 18:12:43 | 001,973,368 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Users\Donna\Desktop\avg_remover_stf_x86_2012_2125.exe
[2012/05/19 17:56:23 | 002,899,344 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Users\Donna\Desktop\avg_remover_stf_x64_2012_2125.exe
[2012/05/19 16:23:51 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2012/05/19 16:22:14 | 004,498,818 | R--- | C] (Swearware) -- C:\Users\Donna\Desktop\ComboFix.exe
[2012/05/19 15:37:44 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/05/18 21:11:42 | 000,000,000 | ---D | C] -- C:\Crash
[2012/05/18 16:13:26 | 000,000,000 | ---D | C] -- C:\Users\Donna\Documents\My Games
[2012/05/18 14:53:00 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012/05/18 10:59:31 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\SCE
[2012/05/18 10:48:04 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\GamersFirst LIVE!
[2012/05/18 10:45:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamersFirst
[2012/05/18 10:45:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GamersFirst
[2012/05/17 20:17:32 | 000,000,000 | ---D | C] -- C:\Users\Donna\Documents\GTA San Andreas User Files
[2012/05/17 20:01:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2012/05/17 20:01:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2012/05/17 19:45:46 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicDisc
[2012/05/17 19:45:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc
[2012/05/17 19:45:32 | 000,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysWow64\drivers\mcdbus.sys
[2012/05/17 19:45:32 | 000,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysNative\drivers\mcdbus.sys
[2012/05/17 19:45:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicDisc
[2012/05/17 19:10:24 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\PowerISO
[2012/05/17 19:10:03 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\AVG Secure Search
[2012/05/17 19:08:18 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/05/17 19:08:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2012/05/17 19:06:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/05/17 18:57:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicISO
[2012/05/17 18:54:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/05/17 18:54:33 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/05/17 17:54:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
[2012/05/17 17:54:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoHotkey
[2012/05/17 16:49:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent
[2012/05/04 21:33:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/05/04 21:33:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/04/28 19:55:19 | 000,000,000 | ---D | C] -- C:\ProgramData\UpdaterService
[2012/04/23 09:13:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/04/23 09:08:50 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\CRE
[2012/04/23 09:08:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTTO Group, Ltd
[2012/04/23 09:08:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/04/23 09:08:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SDIV 2.0
[2012/04/23 09:08:09 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\fbDownloader
[2012/04/23 09:08:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\fbDownloader
[2012/04/23 09:08:02 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\Conduit
[2012/04/23 09:08:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ViralTube3
[2012/04/21 11:30:41 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 5

========== Files - Modified Within 30 Days ==========

[2012/05/20 14:05:14 | 000,703,516 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/20 14:05:14 | 000,604,502 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/20 14:05:14 | 000,104,202 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/20 13:58:57 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/20 13:58:57 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/20 13:45:11 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/20 09:59:16 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012/05/20 09:59:09 | 000,000,680 | ---- | M] () -- C:\Users\Donna\AppData\Local\d3d9caps.dat
[2012/05/20 09:59:01 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/20 09:58:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/20 09:58:24 | 2951,991,296 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/20 09:48:57 | 002,126,424 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Donna\Desktop\tdsskiller.exe
[2012/05/20 01:31:12 | 000,000,209 | ---- | M] () -- C:\Users\Donna\Desktop\New Internet Shortcut.url
[2012/05/19 18:26:52 | 000,000,512 | ---- | M] () -- C:\Users\Donna\Desktop\MBR.dat
[2012/05/19 18:13:54 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Donna\Desktop\aswMBR.exe
[2012/05/19 18:12:44 | 001,973,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Users\Donna\Desktop\avg_remover_stf_x86_2012_2125.exe
[2012/05/19 17:56:27 | 002,899,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Users\Donna\Desktop\avg_remover_stf_x64_2012_2125.exe
[2012/05/19 16:25:39 | 584,418,400 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/05/19 16:22:35 | 004,498,818 | R--- | M] (Swearware) -- C:\Users\Donna\Desktop\ComboFix.exe
[2012/05/18 13:51:32 | 000,074,202 | ---- | M] () -- C:\Users\Donna\AppData\Roaming\icarus-dxdiag.xml
[2012/05/18 13:07:27 | 1014,886,383 | ---- | M] () -- C:\Users\Donna\Fallen_Earth_20120301.bin1
[2012/05/18 13:01:19 | 033,416,344 | ---- | M] () -- C:\Users\Donna\Fallen_Earth_20120301.exe
[2012/05/18 10:45:42 | 000,000,997 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2012/05/18 03:18:32 | 000,000,129 | ---- | M] () -- C:\Windows\SysNative\MRT.INI
[2012/05/17 20:03:01 | 000,000,505 | ---- | M] () -- C:\Users\Donna\Documents\AutoHotkey.ahk
[2012/05/17 19:52:48 | 000,000,830 | ---- | M] () -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
[2012/05/17 19:36:49 | 000,000,104 | ---- | M] () -- C:\Users\Donna\Desktop\Recycle Bin - Shortcut.lnk
[2012/05/17 17:56:57 | 000,001,919 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/05/08 23:00:30 | 000,000,033 | ---- | M] () -- C:\Users\Donna\.mjsync_en_US
[2012/04/22 16:19:12 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/04/21 16:04:49 | 000,020,480 | ---- | M] () -- C:\Users\Donna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/21 11:30:41 | 000,001,082 | ---- | M] () -- C:\Users\Donna\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.3.5.lnk

========== Files Created - No Company Name ==========

[2012/05/20 10:07:04 | 000,174,024 | ---- | C] () -- C:\Program Files (x86)\gtres.dll
[2012/05/20 01:31:04 | 000,000,209 | ---- | C] () -- C:\Users\Donna\Desktop\New Internet Shortcut.url
[2012/05/19 18:26:52 | 000,000,512 | ---- | C] () -- C:\Users\Donna\Desktop\MBR.dat
[2012/05/18 13:51:32 | 000,074,202 | ---- | C] () -- C:\Users\Donna\AppData\Roaming\icarus-dxdiag.xml
[2012/05/18 10:58:58 | 000,002,046 | ---- | C] () -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online Live.lnk
[2012/05/18 10:48:37 | 1014,886,383 | ---- | C] () -- C:\Users\Donna\Fallen_Earth_20120301.bin1
[2012/05/18 10:48:37 | 033,416,344 | ---- | C] () -- C:\Users\Donna\Fallen_Earth_20120301.exe
[2012/05/18 10:45:42 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2012/05/17 19:45:46 | 000,000,830 | ---- | C] () -- C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
[2012/05/17 19:36:49 | 000,000,104 | ---- | C] () -- C:\Users\Donna\Desktop\Recycle Bin - Shortcut.lnk
[2012/05/17 17:59:36 | 000,000,505 | ---- | C] () -- C:\Users\Donna\Documents\AutoHotkey.ahk
[2012/05/17 17:56:57 | 000,001,919 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/04/25 13:59:02 | 000,206,001 | ---- | C] () -- C:\Users\Donna\Documents\dayout2 034.jpg
[2012/04/22 16:19:12 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/04/21 11:30:41 | 000,001,082 | ---- | C] () -- C:\Users\Donna\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.3.5.lnk
[2012/02/20 22:56:21 | 000,000,000 | ---- | C] () -- C:\ProgramData\6898ce999b73350f6e3e0f4ea43b73b5_c
[2012/02/20 22:55:13 | 000,075,024 | ---- | C] () -- C:\Windows\SysWow64\aad73f73.exe
[2012/01/19 01:50:56 | 000,281,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/01/19 01:50:51 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/01/17 14:11:53 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2012/01/16 20:03:14 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2011/10/15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/05/31 01:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011/05/31 01:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2011/04/23 22:18:10 | 000,100,208 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll
[2011/04/23 22:17:32 | 000,062,136 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll
[2011/04/23 22:16:44 | 000,250,552 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll

========== LOP Check ==========

[2012/02/20 22:59:32 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Azureus
[2012/05/20 10:05:56 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\BitTorrent
[2012/01/16 12:45:52 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\BoneTown
[2012/01/17 01:58:49 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\DAEMON Tools Pro
[2012/02/05 20:35:35 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Firestorm
[2012/03/17 12:24:56 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Ludia
[2012/05/17 19:10:24 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\PowerISO
[2012/02/04 04:07:04 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\SecondLife
[2012/01/16 21:09:36 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Unity
[2009/08/18 09:14:10 | 000,000,238 | ---- | M] () -- C:\Windows\Tasks\PersonalAV.job
[2012/05/20 09:57:16 | 000,032,570 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:3A0561F3
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:89C6F032

< End of report >

My computer's running a lot faster, my DC Universe hasn't crashed at all and runs smooth even on high textures, and there hasn't been a popup since yesterday, when I saw the update task not responding pop up. I'm gonna try to update my computer now because it wouldn't update before.