Google and its services redirecting (Chrome, FF) 2 computers affected.



#1
BoudiccaGruaim

I'm not sure this is even a virus/malware problem. If not, could a mod please move this to where it needs to be? Thanks.

I'm using Windows Vista, as is the other computer. The second computer is used occasionally... and as far as I know only visits the same websites (usually online games, e-mail and used for bills/banking), no real browsing.

Simply trying to browse the internet. I've had this problem off and on for a couple of weeks.

I've been having issues with Google and Google products like YouTube. It is often redirecting me to a page with a yellow box that says Welcome to google.com and a yellow search box.

http://s1267.photobu...ent=googred.jpg

YouTube is doing the same thing.

http://s1267.photobu...ent=youtube.jpg

This is what it's doing in Chrome:

http://s1267.photobu...ooglechrome.jpg
http://s1267.photobu...utubechrome.jpg

And this is what I got when I tried to submit the problem to Google's WebSearch forum.

http://s1267.photobu...gleredirect.jpg

I've attempted to disable TDSSserve.sys but it is nowhere to be found (yes, I did click "View hidden files").
http://s1267.photobu...rent=notdss.jpg

I've run Kaspersky TDSSKiller.
http://s1267.photobu...=tdsskiller.jpg

I've run an updated AVG virus scan and updated Malwarebytes.

I've run CCleaner.

I've run UnHackMe.

I've run OTL.

I reset the router.

I've flushed DNS, and I've rebooted several times.

I've done everything I could find to do on various PC help forums, although most of them are 2 years old. I've even disabled Firefox add-ons, though that is not the problem since it's occurring in Chrome as well.

Also when I try to go to bleepingcomputer I get redirected.

http://s1267.photobu...terredirect.jpg

http://s1267.photobu...nt=bcchrome.jpg

It appears to be affecting both computers.

It is Google websites only. I can use everything else.

Included OTL file and the Extras thing it came up with.

Thank you for your time and effort.





OTL logfile created on: 5/31/2012 12:16:45 AM - Run 1
OTL by OldTimer - Version 3.2.44.0 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.54 Gb Available Physical Memory | 51.40% Memory free
6.22 Gb Paging File | 4.55 Gb Available in Paging File | 73.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 450.71 Gb Total Space | 242.49 Gb Free Space | 53.80% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 4.74 Gb Free Space | 31.63% Space Free | Partition Type: NTFS
Drive G: | 3.74 Gb Total Space | 3.45 Gb Free Space | 92.46% Space Free | Partition Type: FAT32

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/31 00:15:52 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2012/05/04 13:17:40 | 000,595,216 | ---- | M] (Greatis Software) -- C:\Program Files\UnHackMe\hackmon.exe
PRC - [2012/05/04 09:34:11 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/04/19 04:51:54 | 001,254,992 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/03/19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/29 18:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/02/29 15:58:46 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012/02/29 15:58:36 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012/02/29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:53:14 | 000,758,112 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/11/10 13:18:14 | 003,244,912 | ---- | M] (Corel, Inc.) -- C:\Program Files\Corel\Corel PaintShop Pro X4\Corel PaintShop Pro.exe
PRC - [2011/10/17 09:58:56 | 000,939,416 | ---- | M] (Razer USA Ltd) -- C:\Program Files\Razer\Anansi\RazerAnansiSysTray.exe
PRC - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/01/17 19:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 19:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/06/30 16:46:44 | 000,146,032 | ---- | M] (Portrait Displays Inc.) -- C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
PRC - [2010/06/30 16:46:32 | 000,121,456 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2010/06/30 16:46:30 | 001,264,240 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files\Acer Display\eDisplay Management\dthtml.exe
PRC - [2010/05/13 16:34:48 | 000,711,792 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Pro Plugin\Floater.exe
PRC - [2010/05/13 16:34:42 | 000,674,928 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
PRC - [2010/04/16 15:34:34 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009/04/11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/09/12 03:40:46 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
PRC - [2007/09/12 03:40:44 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\System32\stacsv.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/09 03:39:05 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
MOD - [2012/05/09 03:37:49 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef684a2ee2f7276eec3973a0654d2bd4\System.Web.ni.dll
MOD - [2012/05/09 03:37:43 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012/05/09 03:34:07 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/05/09 03:33:54 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4d54640bacd18e047a4573cb4611bd3\System.Windows.Forms.ni.dll
MOD - [2012/05/09 03:33:44 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5d8696f15e49aedf883dd945806a7049\System.Drawing.ni.dll
MOD - [2012/05/09 03:32:30 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/05/09 03:32:14 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012/05/04 09:34:10 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/02/29 13:26:28 | 000,360,768 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2012/02/12 21:33:04 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2012/02/05 20:23:37 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011/11/10 13:16:46 | 000,030,576 | ---- | M] () -- C:\Program Files\Corel\Corel PaintShop Pro X4\wwh4api.dll
MOD - [2011/11/10 13:15:56 | 006,449,008 | ---- | M] () -- C:\Program Files\Corel\Corel PaintShop Pro X4\uipp.dll
MOD - [2011/07/28 18:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/04/26 19:30:08 | 000,431,392 | ---- | M] () -- C:\Program Files\Corel\Corel PaintShop Pro X4\PsiClient.dll
MOD - [2011/01/21 16:44:13 | 001,675,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2861.39845__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2011/01/21 16:44:13 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2861.40070__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2011/01/21 16:44:13 | 000,245,760 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2861.39803__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2011/01/21 16:44:13 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2861.39858__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2011/01/21 16:44:13 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2861.40076__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2011/01/21 16:44:13 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.2861.40095__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.dll
MOD - [2011/01/21 16:44:13 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2861.39817__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2011/01/21 16:44:13 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2861.39837__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2011/01/21 16:44:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2861.39824__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2011/01/21 16:44:13 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.2861.40095__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2011/01/21 16:44:13 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.2861.40094__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2011/01/21 16:44:13 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.2861.40094__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2011/01/21 16:44:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2861.39825__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2011/01/21 16:44:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2861.39865__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2011/01/21 16:44:12 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2861.40018__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2011/01/21 16:44:11 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2820.26372__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2820.26370__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2011/01/21 16:44:11 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2011/01/21 16:44:11 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2820.26369__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2011/01/21 16:44:11 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2820.26409__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2011/01/21 16:44:11 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2820.26370__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2820.26382__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2820.26375__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2820.26371__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2820.26371__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2820.26371__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2820.26375__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2820.26381__90ba9c70f846762e\DEM.OS.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2820.26382__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2820.26383__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2820.26382__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2820.26385__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2820.26376__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2820.26386__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2011/01/21 16:44:10 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2820.26387__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2011/01/21 16:44:10 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2820.26396__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2011/01/21 16:44:10 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2820.26383__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2011/01/21 16:44:09 | 000,471,040 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2861.39832__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2011/01/21 16:44:09 | 000,458,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2861.40053__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2011/01/21 16:44:09 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2861.40061__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2011/01/21 16:44:09 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2861.39795__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2011/01/21 16:44:09 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2861.40060__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2011/01/21 16:44:09 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2011/01/21 16:44:09 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2011/01/21 16:44:09 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2861.40086__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2011/01/21 16:44:09 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2011/01/21 16:44:09 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2820.26394__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2011/01/21 16:44:09 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2820.26370__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2011/01/21 16:44:09 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2011/01/21 16:44:09 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2820.26376__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2011/01/21 16:44:09 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2820.26375__90ba9c70f846762e\APM.Foundation.dll
MOD - [2011/01/21 16:44:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2011/01/21 16:44:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2820.26372__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2011/01/21 16:44:09 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2861.40096__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2011/01/21 16:44:09 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2861.39795__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2011/01/21 16:44:08 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2861.39811__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2011/01/21 16:44:08 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2861.39795__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2011/01/21 16:44:08 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2011/01/21 16:44:08 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2861.40061__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2011/01/21 16:44:08 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2011/01/21 16:44:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2820.26376__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2011/01/21 16:44:07 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2861.39793__90ba9c70f846762e\APM.Server.dll
MOD - [2011/01/21 16:44:06 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2861.39794__90ba9c70f846762e\AEM.Server.dll
MOD - [2010/06/30 16:46:42 | 000,236,144 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\DThook.dll
MOD - [2010/06/30 16:46:26 | 000,084,592 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Plugins\CC\gui.dll
MOD - [2010/06/30 16:37:38 | 000,172,032 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\PresetsCOM.dll
MOD - [2010/05/13 16:34:48 | 000,711,792 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Pro Plugin\Floater.exe
MOD - [2010/05/13 16:34:42 | 000,674,928 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
MOD - [2007/03/02 11:44:34 | 000,073,728 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/05/04 09:34:11 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/03 06:42:45 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/02/29 18:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/02/29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/06/30 16:46:32 | 000,121,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2010/04/16 15:34:34 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/03/29 22:42:16 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/18 12:38:44 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/01/19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/19 00:34:54 | 000,068,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess)
SRV - [2008/01/19 00:34:46 | 000,053,760 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc)
SRV - [2008/01/19 00:34:36 | 000,288,256 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2007/09/12 03:40:44 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012/05/30 20:56:46 | 000,035,816 | ---- | M] (Greatis Software) [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\Partizan.sys -- (Partizan)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/03/19 05:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/02/29 18:59:00 | 010,819,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012/02/22 05:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012/01/17 07:45:56 | 000,148,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2011/10/11 18:36:12 | 000,135,296 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RzSynapse.sys -- (RzSynapse)
DRV - [2010/04/16 15:34:10 | 000,017,136 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PdiPorts.sys -- (PdiPorts)
DRV - [2009/04/10 22:42:54 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/04/10 22:14:00 | 000,226,816 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2008/01/18 22:56:50 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2008/01/18 22:49:20 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/01/18 22:49:18 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse)
DRV - [2007/11/02 00:20:12 | 003,170,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/09/12 03:44:34 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2007/05/06 18:12:02 | 000,326,656 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/02/21 14:49:48 | 000,015,464 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdide.sys -- (amdide)
DRV - [2007/02/21 14:49:47 | 000,023,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msahci.sys -- (msahci)
DRV - [2007/02/21 14:49:47 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viaide.sys -- (viaide)
DRV - [2007/02/21 14:49:47 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide)
DRV - [2007/02/21 14:49:47 | 000,014,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\intelide.sys -- (intelide)
DRV - [2007/02/21 14:49:47 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\aliide.sys -- (aliide)
DRV - [2007/01/06 00:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor)
DRV - [2007/01/06 00:59:34 | 000,086,096 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid) NVIDIA nForce™
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV)
DRV - [2006/11/02 04:51:12 | 000,167,528 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\pcmcia.sys -- (pcmcia)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\isapnp.sys -- (isapnp)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,080,488 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,078,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\mpio.sys -- (mpio)
DRV - [2006/11/02 04:50:16 | 000,076,392 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 04:49:49 | 000,027,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\i2omp.sys -- (i2omp)
DRV - [2006/11/02 04:49:38 | 000,019,560 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wd.sys -- (Wd)
DRV - [2006/11/02 04:49:32 | 000,018,280 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\compbatt.sys -- (Compbatt)
DRV - [2006/11/02 04:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbprint.sys -- (usbprint)
DRV - [2006/11/02 04:03:00 | 000,242,688 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2006/11/02 03:55:23 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM)
DRV - [2006/11/02 03:55:22 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth)
DRV - [2006/11/02 03:55:09 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV - [2006/11/02 03:55:08 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\circlass.sys -- (circlass)
DRV - [2006/11/02 03:55:05 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbohci.sys -- (usbohci)
DRV - [2006/11/02 03:55:01 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidir.sys -- (HidIr)
DRV - [2006/11/02 03:52:52 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen)
DRV - [2006/11/02 03:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sfloppy.sys -- (sfloppy)
DRV - [2006/11/02 03:51:38 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk)
DRV - [2006/11/02 03:51:33 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\fdc.sys -- (fdc)
DRV - [2006/11/02 03:51:32 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\flpydisk.sys -- (flpydisk)
DRV - [2006/11/02 03:51:30 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\parport.sys -- (Parport)
DRV - [2006/11/02 03:42:03 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV - [2006/11/02 03:35:03 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2006/11/02 03:30:19 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7)
DRV - [2006/11/02 03:30:18 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8)
DRV - [2006/11/02 03:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe)
DRV - [2006/11/02 03:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7)
DRV - [2006/11/02 03:30:18 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\processr.sys -- (Processor)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:41:53 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2145506375-2984372104-633398988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2145506375-2984372104-633398988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-2145506375-2984372104-633398988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 40 C6 B8 2F 68 E4 CC 01 [binary data]
IE - HKU\S-1-5-21-2145506375-2984372104-633398988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2145506375-2984372104-633398988-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2145506375-2984372104-633398988-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-2145506375-2984372104-633398988-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "http://www.facebook....riwestern.edu/"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/05/29 10:00:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/03/31 21:30:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/05/09 10:49:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/04 09:34:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/12 03:27:42 | 000,000,000 | ---D | M]

[2012/02/05 20:13:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions
[2012/05/28 21:53:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\9ofhl484.default\extensions
[2012/05/22 22:13:15 | 000,000,000 | ---D | M] (DoNotTrackPlus) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\9ofhl484.default\extensions\[email protected]
[2012/02/17 14:06:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/05/28 21:53:10 | 000,524,866 | ---- | M] () (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9OFHL484.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2012/05/22 22:13:15 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9OFHL484.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/05/22 22:13:12 | 000,118,971 | ---- | M] () (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9OFHL484.DEFAULT\EXTENSIONS\[email protected]
[2012/05/04 09:34:11 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/01/29 08:36:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/29 08:36:35 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Owner\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AVG Safe Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\
CHR - Extension: AVG Do Not Track = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DT ACR] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PivotSoftware] C:\Program Files\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe ()
O4 - HKLM..\Run: [Razer Anansi Driver] C:\Program Files\Razer\Anansi\RazerAnansiSysTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2145506375-2984372104-633398988-1000..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2145506375-2984372104-633398988-1002..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O4 - HKLM..\RunOnceEx: [Title] UnHackMe Rootkit Check File not found
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.3.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D38FC0F2-8E84-40B6-8A2E-CC5EA5127C67}: DhcpNameServer = 192.168.3.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Owner\Desktop\backgrounds\haunted_house.jpg
O24 - Desktop BackupWallPaper: C:\Users\Owner\Desktop\backgrounds\haunted_house.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O34 - HKLM BootExecute: (Partizan)
O34 - HKLM BootExecute: (ountPoints2\{f59c945d-25eb-11e0-9826-001ec9505a89}\Shell\Autoplay\DropTarget\)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/31 00:15:50 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/05/30 21:09:24 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\Owner\Desktop\HiJackThis.exe
[2012/05/30 20:56:46 | 000,039,184 | ---- | C] (Greatis Software) -- C:\Windows\System32\Partizan.exe
[2012/05/30 20:56:46 | 000,035,816 | ---- | C] (Greatis Software) -- C:\Windows\System32\drivers\Partizan.sys
[2012/05/30 20:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\RegRun
[2012/05/30 20:56:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\RegRun2
[2012/05/30 20:56:27 | 000,012,800 | ---- | C] (Greatis Software, LLC.) -- C:\Windows\System32\drivers\UnHackMeDrv.sys
[2012/05/30 20:56:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
[2012/05/30 20:56:27 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\regruninfo
[2012/05/30 20:56:24 | 000,000,000 | ---D | C] -- C:\Program Files\UnHackMe
[2012/05/29 10:00:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/05/23 07:05:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\tdsskiller
[2012/05/22 23:10:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/05/22 23:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/05/09 10:48:31 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/05/09 10:48:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\AVG2012
[2012/05/09 10:47:54 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012/05/09 01:42:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\New Folder
[2012/05/08 17:12:50 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/05/08 17:12:50 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/05/08 17:12:50 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/05/08 17:12:50 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/05/08 17:12:50 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/05/08 17:11:26 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/05/08 17:11:26 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/05/08 17:11:25 | 002,044,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/05/08 16:39:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\backgrounds
[2012/05/04 09:34:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/05/04 09:34:15 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service

========== Files - Modified Within 30 Days ==========

[2012/05/31 00:15:52 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/05/31 00:00:02 | 000,058,651 | ---- | M] () -- C:\Users\Owner\Desktop\bcchrome.jpg
[2012/05/30 23:58:39 | 000,120,967 | ---- | M] () -- C:\Users\Owner\Desktop\bleepingcomputerredirect.jpg
[2012/05/30 23:33:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2145506375-2984372104-633398988-1000UA.job
[2012/05/30 23:28:31 | 000,333,314 | ---- | M] () -- C:\Users\Owner\Desktop\wet-shirt-big-boobs-3.jpg
[2012/05/30 22:44:56 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/30 22:44:56 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/30 21:58:20 | 000,121,990 | ---- | M] () -- C:\Users\Owner\Desktop\askgoogleredirect.jpg
[2012/05/30 21:38:05 | 000,072,656 | ---- | M] () -- C:\Users\Owner\Desktop\notdss.jpg
[2012/05/30 21:35:15 | 000,038,938 | ---- | M] () -- C:\Users\Owner\Desktop\tdsskiller.jpg
[2012/05/30 21:34:10 | 002,108,959 | ---- | M] () -- C:\Users\Owner\Desktop\tdsskiller(1).zip
[2012/05/30 21:30:07 | 000,123,684 | ---- | M] () -- C:\Users\Owner\Desktop\youtube2.jpg
[2012/05/30 21:29:12 | 000,123,135 | ---- | M] () -- C:\Users\Owner\Desktop\youtube1.jpg
[2012/05/30 21:24:10 | 002,108,959 | ---- | M] () -- C:\Users\Owner\Desktop\tdsskiller.zip
[2012/05/30 21:09:25 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\Owner\Desktop\HiJackThis.exe
[2012/05/30 20:56:46 | 000,039,184 | ---- | M] (Greatis Software) -- C:\Windows\System32\Partizan.exe
[2012/05/30 20:56:46 | 000,035,816 | ---- | M] (Greatis Software) -- C:\Windows\System32\drivers\Partizan.sys
[2012/05/30 20:56:31 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/05/30 20:56:31 | 000,001,688 | ---- | M] () -- C:\Windows\System32\autoexec.nt
[2012/05/30 20:56:31 | 000,000,002 | RHS- | M] () -- C:\Windows\winstart.bat
[2012/05/30 20:56:28 | 000,000,752 | ---- | M] () -- C:\Users\Owner\Desktop\UnHackMe.lnk
[2012/05/30 20:56:00 | 011,891,666 | ---- | M] () -- C:\Users\Owner\Desktop\unhackme.zip
[2012/05/30 20:51:20 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/05/30 20:51:20 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/05/30 20:50:34 | 000,059,842 | ---- | M] () -- C:\Users\Owner\Desktop\youtubechrome.jpg
[2012/05/30 20:50:01 | 000,060,261 | ---- | M] () -- C:\Users\Owner\Desktop\googlechrome.jpg
[2012/05/30 20:49:05 | 000,035,870 | ---- | M] () -- C:\Users\Owner\Desktop\youtube.jpg
[2012/05/30 20:44:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/30 19:54:57 | 000,124,379 | ---- | M] () -- C:\Users\Owner\Desktop\googred.jpg
[2012/05/30 17:53:50 | 099,522,551 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/05/30 17:52:38 | 000,476,001 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/05/30 15:33:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2145506375-2984372104-633398988-1000Core.job
[2012/05/29 10:00:56 | 000,000,842 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/05/26 20:21:10 | 000,830,270 | ---- | M] () -- C:\Users\Owner\Desktop\sade_120_days_pdf.zip
[2012/05/25 19:39:37 | 000,030,349 | ---- | M] () -- C:\Users\Owner\Desktop\victorian_spank.jpg
[2012/05/23 23:35:33 | 000,002,042 | ---- | M] () -- C:\Users\Owner\Desktop\Google Chrome.lnk
[2012/05/23 23:35:33 | 000,002,004 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/05/23 21:09:21 | 000,238,914 | ---- | M] () -- C:\Users\Owner\Documents\wbccollage.jpg
[2012/05/22 23:17:17 | 000,013,892 | ---- | M] () -- C:\Users\Owner\Documents\cc_20120522_231707.reg
[2012/05/22 23:16:46 | 000,094,248 | ---- | M] () -- C:\Users\Owner\Documents\cc_20120522_231630.reg
[2012/05/22 23:10:55 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/05/22 22:10:51 | 000,357,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/05/20 20:31:52 | 000,088,194 | ---- | M] () -- C:\Users\Owner\Desktop\rof.jpg
[2012/05/19 20:12:54 | 000,018,957 | ---- | M] () -- C:\Users\Owner\Desktop\metal.jpg
[2012/05/15 02:16:08 | 000,040,130 | ---- | M] () -- C:\Users\Owner\Desktop\225.jpg
[2012/05/14 23:06:21 | 000,025,768 | ---- | M] () -- C:\Users\Owner\Desktop\cov3.jpg
[2012/05/14 22:31:01 | 000,042,200 | ---- | M] () -- C:\Users\Owner\Desktop\540372_143668185766692_100003705349347_174945_1648790776_n.jpg
[2012/05/14 17:20:03 | 000,018,930 | ---- | M] () -- C:\Users\Owner\Desktop\cov2.jpg
[2012/05/14 17:16:24 | 000,017,719 | ---- | M] () -- C:\Users\Owner\Desktop\cov1.jpg
[2012/05/14 17:04:18 | 000,087,130 | ---- | M] () -- C:\Users\Owner\Desktop\_c864077_image_0.jpg
[2012/05/13 20:37:26 | 000,819,046 | ---- | M] () -- C:\Users\Owner\Desktop\Flames.jpg
[2012/05/13 13:47:20 | 000,026,899 | ---- | M] () -- C:\Users\Owner\Desktop\baphomet.jpg
[2012/05/13 13:46:54 | 000,223,500 | ---- | M] () -- C:\Users\Owner\Desktop\Satan.png
[2012/05/13 13:46:19 | 000,043,192 | ---- | M] () -- C:\Users\Owner\Desktop\satanskull.jpg
[2012/05/13 13:45:26 | 000,369,059 | ---- | M] () -- C:\Users\Owner\Desktop\graveyard-of-[bleep]-satanic.jpg
[2012/05/13 13:32:52 | 000,033,520 | ---- | M] () -- C:\Users\Owner\Desktop\review_lod_3.jpg
[2012/05/13 13:32:45 | 000,064,651 | ---- | M] () -- C:\Users\Owner\Desktop\review_lod_1.jpg
[2012/05/13 13:32:33 | 000,038,955 | ---- | M] () -- C:\Users\Owner\Desktop\review_lod_10.jpg
[2012/05/13 13:19:18 | 000,153,748 | ---- | M] () -- C:\Users\Owner\Desktop\devil-1600x1200.jpg
[2012/05/04 13:17:48 | 000,012,800 | ---- | M] (Greatis Software, LLC.) -- C:\Windows\System32\drivers\UnHackMeDrv.sys

========== Files Created - No Company Name ==========

[2012/05/31 00:00:02 | 000,058,651 | ---- | C] () -- C:\Users\Owner\Desktop\bcchrome.jpg
[2012/05/30 23:58:39 | 000,120,967 | ---- | C] () -- C:\Users\Owner\Desktop\bleepingcomputerredirect.jpg
[2012/05/30 23:28:30 | 000,333,314 | ---- | C] () -- C:\Users\Owner\Desktop\wet-shirt-big-boobs-3.jpg
[2012/05/30 21:58:20 | 000,121,990 | ---- | C] () -- C:\Users\Owner\Desktop\askgoogleredirect.jpg
[2012/05/30 21:38:05 | 000,072,656 | ---- | C] () -- C:\Users\Owner\Desktop\notdss.jpg
[2012/05/30 21:35:15 | 000,038,938 | ---- | C] () -- C:\Users\Owner\Desktop\tdsskiller.jpg
[2012/05/30 21:33:42 | 002,108,959 | ---- | C] () -- C:\Users\Owner\Desktop\tdsskiller(1).zip
[2012/05/30 21:30:07 | 000,123,684 | ---- | C] () -- C:\Users\Owner\Desktop\youtube2.jpg
[2012/05/30 21:29:12 | 000,123,135 | ---- | C] () -- C:\Users\Owner\Desktop\youtube1.jpg
[2012/05/30 21:23:54 | 002,108,959 | ---- | C] () -- C:\Users\Owner\Desktop\tdsskiller.zip
[2012/05/30 20:56:31 | 000,000,002 | RHS- | C] () -- C:\Windows\winstart.bat
[2012/05/30 20:56:28 | 000,000,752 | ---- | C] () -- C:\Users\Owner\Desktop\UnHackMe.lnk
[2012/05/30 20:54:51 | 011,891,666 | ---- | C] () -- C:\Users\Owner\Desktop\unhackme.zip
[2012/05/30 20:50:34 | 000,059,842 | ---- | C] () -- C:\Users\Owner\Desktop\youtubechrome.jpg
[2012/05/30 20:49:53 | 000,060,261 | ---- | C] () -- C:\Users\Owner\Desktop\googlechrome.jpg
[2012/05/30 20:49:04 | 000,035,870 | ---- | C] () -- C:\Users\Owner\Desktop\youtube.jpg
[2012/05/30 19:54:57 | 000,124,379 | ---- | C] () -- C:\Users\Owner\Desktop\googred.jpg
[2012/05/26 20:21:04 | 000,830,270 | ---- | C] () -- C:\Users\Owner\Desktop\sade_120_days_pdf.zip
[2012/05/25 19:39:36 | 000,030,349 | ---- | C] () -- C:\Users\Owner\Desktop\victorian_spank.jpg
[2012/05/23 21:09:21 | 000,238,914 | ---- | C] () -- C:\Users\Owner\Documents\wbccollage.jpg
[2012/05/22 23:17:11 | 000,013,892 | ---- | C] () -- C:\Users\Owner\Documents\cc_20120522_231707.reg
[2012/05/22 23:16:35 | 000,094,248 | ---- | C] () -- C:\Users\Owner\Documents\cc_20120522_231630.reg
[2012/05/22 23:10:55 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/05/20 20:31:52 | 000,088,194 | ---- | C] () -- C:\Users\Owner\Desktop\rof.jpg
[2012/05/19 20:12:54 | 000,018,957 | ---- | C] () -- C:\Users\Owner\Desktop\metal.jpg
[2012/05/14 23:06:21 | 000,025,768 | ---- | C] () -- C:\Users\Owner\Desktop\cov3.jpg
[2012/05/14 22:56:41 | 000,040,130 | ---- | C] () -- C:\Users\Owner\Desktop\225.jpg
[2012/05/14 22:29:36 | 000,042,200 | ---- | C] () -- C:\Users\Owner\Desktop\540372_143668185766692_100003705349347_174945_1648790776_n.jpg
[2012/05/14 17:20:03 | 000,018,930 | ---- | C] () -- C:\Users\Owner\Desktop\cov2.jpg
[2012/05/14 17:16:24 | 000,017,719 | ---- | C] () -- C:\Users\Owner\Desktop\cov1.jpg
[2012/05/14 17:04:17 | 000,087,130 | ---- | C] () -- C:\Users\Owner\Desktop\_c864077_image_0.jpg
[2012/05/13 20:37:25 | 000,819,046 | ---- | C] () -- C:\Users\Owner\Desktop\Flames.jpg
[2012/05/13 13:47:19 | 000,026,899 | ---- | C] () -- C:\Users\Owner\Desktop\baphomet.jpg
[2012/05/13 13:46:53 | 000,223,500 | ---- | C] () -- C:\Users\Owner\Desktop\Satan.png
[2012/05/13 13:46:19 | 000,043,192 | ---- | C] () -- C:\Users\Owner\Desktop\satanskull.jpg
[2012/05/13 13:45:25 | 000,369,059 | ---- | C] () -- C:\Users\Owner\Desktop\graveyard-of-[bleep]-satanic.jpg
[2012/05/13 13:32:51 | 000,033,520 | ---- | C] () -- C:\Users\Owner\Desktop\review_lod_3.jpg
[2012/05/13 13:32:45 | 000,064,651 | ---- | C] () -- C:\Users\Owner\Desktop\review_lod_1.jpg
[2012/05/13 13:32:32 | 000,038,955 | ---- | C] () -- C:\Users\Owner\Desktop\review_lod_10.jpg
[2012/05/13 13:19:17 | 000,153,748 | ---- | C] () -- C:\Users\Owner\Desktop\devil-1600x1200.jpg
[2012/05/09 10:50:14 | 000,000,842 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/04/07 14:26:41 | 000,007,432 | ---- | C] () -- C:\Windows\System32\Machnm32.sys
[2012/03/12 22:37:42 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2012/02/29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011/01/24 12:24:12 | 000,004,608 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/23 20:55:28 | 000,524,288 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/01/23 20:55:28 | 000,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/01/22 13:35:14 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/01/22 13:34:26 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/01/22 13:34:26 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/01/21 16:46:30 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/01/21 16:42:20 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2011/01/21 16:42:20 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2011/01/21 16:42:20 | 000,154,206 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/01/21 16:42:20 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2011/01/21 16:42:20 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2011/01/21 16:18:19 | 000,001,356 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:E36F5B57
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:23BEBB72

< End of report >

OTL Extras logfile created on: 5/31/2012 12:16:45 AM - Run 1
OTL by OldTimer - Version 3.2.44.0 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.54 Gb Available Physical Memory | 51.40% Memory free
6.22 Gb Paging File | 4.55 Gb Available in Paging File | 73.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 450.71 Gb Total Space | 242.49 Gb Free Space | 53.80% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 4.74 Gb Free Space | 31.63% Space Free | Partition Type: NTFS
Drive G: | 3.74 Gb Total Space | 3.45 Gb Free Space | 92.46% Space Free | Partition Type: FAT32

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2145506375-2984372104-633398988-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with Corel PaintShop Pro X4] -- "c:\Program Files\Corel\Corel PaintShop Pro X4\Corel PaintShop Pro.exe" "%L" (Corel, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A195A6-8131-4C75-99B0-67AA07A9F5C0}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{0B7CAF3B-8969-4BB8-A631-2F0710B313E6}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-downloader.exe |
"{22A4ABBF-0FD7-4B52-8918-4DCC12AE57A3}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{27F1004F-9DC8-4E86-9EBD-CD05D831824D}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{42995629-661B-4E72-9418-C9A14E28D12C}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{4752819A-6F35-45B7-BFBA-04584FF7422D}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{517550DC-6328-4FFA-9010-994B459343ED}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{563ABA24-EA20-4A2D-852C-38A070462FA0}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{590A80A0-4AA9-4AA6-B0B9-61E6AD31B554}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{5B5ED752-28C9-48AE-95D7-A5E2997B9F00}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{6E9DEFCE-3C40-4440-8701-0762D4FAC275}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{739F018F-F676-437D-976D-64F979E200ED}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{813CBD2E-F865-4292-9B8B-87AE1E29EB99}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{85411A58-DC32-4E33-8A1C-AD6031AD951C}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{BBB91A01-A3A6-4C20-B1B7-320AB0E65029}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-downloader.exe |
"{DA580E53-A6BA-4C9A-9E11-3CEDA0B5E9B7}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"TCP Query User{44B4AC20-6A88-426F-9700-0DDF74B6013F}C:\program files\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"TCP Query User{61CE2878-D9D0-4145-8C46-5629AF493444}C:\program files\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"TCP Query User{A1F7A93A-A43D-46A8-BEAA-E85796DA42D7}C:\program files\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe |
"UDP Query User{28249CBF-080D-42DE-9A16-6361BFA6F7CC}C:\program files\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"UDP Query User{86D68C32-5F61-407F-9E66-AD681B640500}C:\program files\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"UDP Query User{9CB5812E-9CD1-4BCD-A6EB-60EFABA578B7}C:\program files\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{00580795-581C-4587-B9F2-37320D7AB37F}" = Corel PaintShop Pro X4
"{00580795-581C-4587-B9F2-37320D7AB37F}" = ICA
"{006CAAEF-CA96-4181-AC22-FE56D61432E4}" = PSPPContent
"{00AE1A2D-7BC2-4359-A0EC-E19F36E391BB}" = Corel PaintShop Pro X4
"{00BEE329-BAAB-49FF-9B66-55E4B12B9ADD}" = IPM_PSP_COM
"{00D13418-7DDF-4D3D-A237-E297B103BB6B}" = Setup
"{00D74A7A-F7AD-4D00-ABD2-0973836292C7}" = PSPPHelp
"{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}" = Pivot Pro Plugin
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java™ 6 Update 22
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{4073AAEC-B01B-4000-BC9B-1447E3A7BD87}" = AVG 2012
"{47F8EE35-905B-9429-FC0E-6B989C0812E6}" = Catalyst Control Center Core Implementation
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B1BE6FA-7066-3305-F781-BEF038B20ABF}" = ATI Catalyst Install Manager
"{4DBD094A-1D35-61D5-F3A0-4458DCAD37C2}" = Catalyst Control Center Graphics Previews Common
"{58AA0670-2352-424B-BE5F-CF59EDD07EA0}" = Razer Anansi
"{640B596F-A338-8B00-B7B9-C372B68F4C9F}" = ccc-core-static
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{715A7636-C48B-181A-D221-C8C4D942A0C0}" = Catalyst Control Center Graphics Full New
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111097223}" = Saints & Sinners Bowling
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AE51E45-F0B9-3BE4-4946-1B6D41D16A4A}" = CCC Help English
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3 Platinum
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B9DB42C-02E9-C357-0078-8C0071A0A4D9}" = Catalyst Control Center Graphics Previews Vista
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A154BBC7-5211-63EE-54F1-DDE3FF25BD0A}" = Catalyst Control Center Graphics Light
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A586DC50-B18D-48FB-B7CC-A598200457C2}" = Acer eDisplay Management
"{A7836FF5-7293-40A4-B86E-E2038F82E8F3}" = AVG 2012
"{A8406091-51A7-FCAF-9F51-86FE36BD346E}" = Catalyst Control Center Graphics Full Existing
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C1A628C2-92CC-BC23-BA13-18C6CFD2222E}" = ccc-utility
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E596BCF1-93C9-F90B-B01E-EBCF4231F2C7}" = Skins
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AVG" = AVG 2012
"AVS DVD Player_is1" = AVS DVD Player version 2.1
"CCleaner" = CCleaner
"DivX Setup" = DivX Setup
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PROSet" = Intel® PRO Network Connections Drivers
"UnHackMe_is1" = UnHackMe 5.99 release
"World of Warcraft" = World of Warcraft

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2145506375-2984372104-633398988-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/29/2012 6:25:51 PM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 3031
Description =

Error - 5/29/2012 6:27:32 PM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 3031
Description =

Error - 5/29/2012 6:27:32 PM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 3031
Description =

Error - 5/29/2012 6:27:42 PM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 3031
Description =

Error - 5/29/2012 6:28:10 PM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 3031
Description =

Error - 5/29/2012 6:28:13 PM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 3031
Description =

Error - 5/29/2012 6:28:40 PM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 3031
Description =

Error - 5/29/2012 6:31:03 PM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 3031
Description =

Error - 5/29/2012 6:31:04 PM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 7040
Description =

Error - 5/29/2012 6:31:36 PM | Computer Name = Owner-PC | Source = ESENT | ID = 104
Description = Windows (3252) Windows: The database engine stopped the instance (0)
with error (-1090).

[ System Events ]
Error - 4/7/2012 3:32:43 PM | Computer Name = Owner-PC | Source = DCOM | ID = 10010
Description =

Error - 4/12/2012 4:27:36 AM | Computer Name = Owner-PC | Source = DCOM | ID = 10005
Description =

Error - 4/12/2012 4:27:36 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 4/12/2012 4:27:36 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 5/3/2012 7:40:38 AM | Computer Name = Owner-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 6:38:45 AM on 5/3/2012 was unexpected.

Error - 5/3/2012 7:42:55 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 5/3/2012 7:42:55 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 5/6/2012 8:42:17 PM | Computer Name = Owner-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:40:02 PM on 5/6/2012 was unexpected.

Error - 5/6/2012 8:46:26 PM | Computer Name = Owner-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:44:06 PM on 5/6/2012 was unexpected.

Error - 5/9/2012 4:27:55 AM | Computer Name = Owner-PC | Source = DCOM | ID = 10010
Description =


< End of report >

#2
Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report
Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

#3
BoudiccaGruaim

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
The problem, as predicted, has cleared up for the time being.

However, it's still not fixed since I've done nothing TO fix it. It's just a matter of time until I get the symptoms listed in my original post.

Ran OTL, but it only gave me one text, not the Extras.


OTL logfile created on: 6/3/2012 2:29:02 PM - Run 2
OTL by OldTimer - Version 3.2.44.0 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 40.37% Memory free
6.22 Gb Paging File | 4.32 Gb Available in Paging File | 69.42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 450.71 Gb Total Space | 240.43 Gb Free Space | 53.35% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 4.74 Gb Free Space | 31.63% Space Free | Partition Type: NTFS
Drive G: | 3.74 Gb Total Space | 3.45 Gb Free Space | 92.46% Space Free | Partition Type: FAT32

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/31 00:15:52 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2012/05/04 09:34:11 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/04/19 04:51:54 | 001,254,992 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/03/19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/29 18:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/02/29 15:58:46 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012/02/29 15:58:36 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012/02/29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:53:14 | 000,758,112 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/17 09:58:56 | 000,939,416 | ---- | M] (Razer USA Ltd) -- C:\Program Files\Razer\Anansi\RazerAnansiSysTray.exe
PRC - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/01/17 19:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 19:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/06/30 16:46:44 | 000,146,032 | ---- | M] (Portrait Displays Inc.) -- C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
PRC - [2010/06/30 16:46:32 | 000,121,456 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2010/06/30 16:46:30 | 001,264,240 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files\Acer Display\eDisplay Management\dthtml.exe
PRC - [2010/05/13 16:34:48 | 000,711,792 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Pro Plugin\Floater.exe
PRC - [2010/05/13 16:34:42 | 000,674,928 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
PRC - [2010/04/16 15:34:34 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2010/03/25 18:42:36 | 000,388,096 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009/04/11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/09/12 03:40:46 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
PRC - [2007/09/12 03:40:44 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\System32\stacsv.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/09 03:39:05 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
MOD - [2012/05/09 03:37:49 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef684a2ee2f7276eec3973a0654d2bd4\System.Web.ni.dll
MOD - [2012/05/09 03:37:43 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012/05/09 03:34:07 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/05/09 03:33:54 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4d54640bacd18e047a4573cb4611bd3\System.Windows.Forms.ni.dll
MOD - [2012/05/09 03:33:44 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5d8696f15e49aedf883dd945806a7049\System.Drawing.ni.dll
MOD - [2012/05/09 03:32:30 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/05/09 03:32:14 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012/05/04 09:34:10 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/02/29 13:26:28 | 000,360,768 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2012/02/12 21:33:04 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2012/02/05 20:23:37 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011/07/28 18:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/01/21 16:44:13 | 001,675,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2861.39845__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2011/01/21 16:44:13 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2861.40070__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2011/01/21 16:44:13 | 000,245,760 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2861.39803__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2011/01/21 16:44:13 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2861.39858__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2011/01/21 16:44:13 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2861.40076__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2011/01/21 16:44:13 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.2861.40095__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.dll
MOD - [2011/01/21 16:44:13 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2861.39817__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2011/01/21 16:44:13 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2861.39837__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2011/01/21 16:44:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2861.39824__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2011/01/21 16:44:13 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.2861.40095__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2011/01/21 16:44:13 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.2861.40094__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2011/01/21 16:44:13 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.2861.40094__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2011/01/21 16:44:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2861.39825__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2011/01/21 16:44:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2861.39865__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2011/01/21 16:44:12 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2861.40018__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2011/01/21 16:44:11 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2820.26372__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2820.26370__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2011/01/21 16:44:11 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2011/01/21 16:44:11 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2820.26369__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2011/01/21 16:44:11 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2820.26409__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2011/01/21 16:44:11 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2820.26370__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2820.26382__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2820.26375__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2820.26371__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2820.26371__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2820.26371__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2820.26375__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2820.26381__90ba9c70f846762e\DEM.OS.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2820.26382__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2820.26383__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2820.26382__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2820.26385__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2820.26376__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2820.26386__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2011/01/21 16:44:10 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2820.26387__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2011/01/21 16:44:10 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2820.26396__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2011/01/21 16:44:10 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2820.26383__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2011/01/21 16:44:09 | 000,471,040 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2861.39832__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2011/01/21 16:44:09 | 000,458,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2861.40053__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2011/01/21 16:44:09 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2861.40061__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2011/01/21 16:44:09 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2861.39795__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2011/01/21 16:44:09 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2861.40060__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2011/01/21 16:44:09 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2011/01/21 16:44:09 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2011/01/21 16:44:09 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2861.40086__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2011/01/21 16:44:09 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2011/01/21 16:44:09 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2820.26394__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2011/01/21 16:44:09 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2820.26370__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2011/01/21 16:44:09 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2011/01/21 16:44:09 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2820.26376__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2011/01/21 16:44:09 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2820.26375__90ba9c70f846762e\APM.Foundation.dll
MOD - [2011/01/21 16:44:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2011/01/21 16:44:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2820.26372__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2011/01/21 16:44:09 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2861.40096__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2011/01/21 16:44:09 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2861.39795__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2011/01/21 16:44:08 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2861.39811__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2011/01/21 16:44:08 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2861.39795__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2011/01/21 16:44:08 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2011/01/21 16:44:08 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2861.40061__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2011/01/21 16:44:08 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2011/01/21 16:44:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2820.26376__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2011/01/21 16:44:07 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2861.39793__90ba9c70f846762e\APM.Server.dll
MOD - [2011/01/21 16:44:06 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2861.39794__90ba9c70f846762e\AEM.Server.dll
MOD - [2010/06/30 16:46:42 | 000,236,144 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\DThook.dll
MOD - [2010/06/30 16:46:26 | 000,084,592 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Plugins\CC\gui.dll
MOD - [2010/06/30 16:37:38 | 000,172,032 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\PresetsCOM.dll
MOD - [2010/05/13 16:34:48 | 000,711,792 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Pro Plugin\Floater.exe
MOD - [2010/05/13 16:34:42 | 000,674,928 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
MOD - [2007/03/02 11:44:34 | 000,073,728 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/05/04 09:34:11 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/03 06:42:45 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/02/29 18:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/02/29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/06/30 16:46:32 | 000,121,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2010/04/16 15:34:34 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/03/29 22:42:16 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/18 12:38:44 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/01/19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/19 00:34:54 | 000,068,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess)
SRV - [2008/01/19 00:34:46 | 000,053,760 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc)
SRV - [2008/01/19 00:34:36 | 000,288,256 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2007/09/12 03:40:44 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012/05/30 20:56:46 | 000,035,816 | ---- | M] (Greatis Software) [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\Partizan.sys -- (Partizan)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/03/19 05:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/02/29 18:59:00 | 010,819,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012/02/22 05:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012/01/17 07:45:56 | 000,148,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2011/10/11 18:36:12 | 000,135,296 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RzSynapse.sys -- (RzSynapse)
DRV - [2010/04/16 15:34:10 | 000,017,136 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PdiPorts.sys -- (PdiPorts)
DRV - [2009/04/10 22:42:54 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/04/10 22:14:00 | 000,226,816 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2008/01/18 22:56:50 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2008/01/18 22:49:20 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/01/18 22:49:18 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse)
DRV - [2007/11/02 00:20:12 | 003,170,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/09/12 03:44:34 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2007/05/06 18:12:02 | 000,326,656 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/02/21 14:49:48 | 000,015,464 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdide.sys -- (amdide)
DRV - [2007/02/21 14:49:47 | 000,023,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msahci.sys -- (msahci)
DRV - [2007/02/21 14:49:47 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viaide.sys -- (viaide)
DRV - [2007/02/21 14:49:47 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide)
DRV - [2007/02/21 14:49:47 | 000,014,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\intelide.sys -- (intelide)
DRV - [2007/02/21 14:49:47 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\aliide.sys -- (aliide)
DRV - [2007/01/06 00:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor)
DRV - [2007/01/06 00:59:34 | 000,086,096 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid) NVIDIA nForce™
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV)
DRV - [2006/11/02 04:51:12 | 000,167,528 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\pcmcia.sys -- (pcmcia)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\isapnp.sys -- (isapnp)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,080,488 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,078,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\mpio.sys -- (mpio)
DRV - [2006/11/02 04:50:16 | 000,076,392 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 04:49:49 | 000,027,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\i2omp.sys -- (i2omp)
DRV - [2006/11/02 04:49:38 | 000,019,560 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wd.sys -- (Wd)
DRV - [2006/11/02 04:49:32 | 000,018,280 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\compbatt.sys -- (Compbatt)
DRV - [2006/11/02 04:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbprint.sys -- (usbprint)
DRV - [2006/11/02 04:03:00 | 000,242,688 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2006/11/02 03:55:23 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM)
DRV - [2006/11/02 03:55:22 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth)
DRV - [2006/11/02 03:55:09 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV - [2006/11/02 03:55:08 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\circlass.sys -- (circlass)
DRV - [2006/11/02 03:55:05 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbohci.sys -- (usbohci)
DRV - [2006/11/02 03:55:01 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidir.sys -- (HidIr)
DRV - [2006/11/02 03:52:52 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen)
DRV - [2006/11/02 03:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sfloppy.sys -- (sfloppy)
DRV - [2006/11/02 03:51:38 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk)
DRV - [2006/11/02 03:51:33 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\fdc.sys -- (fdc)
DRV - [2006/11/02 03:51:32 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\flpydisk.sys -- (flpydisk)
DRV - [2006/11/02 03:51:30 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\parport.sys -- (Parport)
DRV - [2006/11/02 03:42:03 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV - [2006/11/02 03:35:03 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2006/11/02 03:30:19 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7)
DRV - [2006/11/02 03:30:18 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8)
DRV - [2006/11/02 03:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe)
DRV - [2006/11/02 03:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7)
DRV - [2006/11/02 03:30:18 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\processr.sys -- (Processor)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:41:53 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2145506375-2984372104-633398988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2145506375-2984372104-633398988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-2145506375-2984372104-633398988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 40 C6 B8 2F 68 E4 CC 01 [binary data]
IE - HKU\S-1-5-21-2145506375-2984372104-633398988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2145506375-2984372104-633398988-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2145506375-2984372104-633398988-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-2145506375-2984372104-633398988-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.facebook....riwestern.edu/"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/05/29 10:00:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/03/31 21:30:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/05/09 10:49:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/04 09:34:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/12 03:27:42 | 000,000,000 | ---D | M]

[2012/02/05 20:13:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions
[2012/05/28 21:53:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\9ofhl484.default\extensions
[2012/05/22 22:13:15 | 000,000,000 | ---D | M] (DoNotTrackPlus) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\9ofhl484.default\extensions\[email protected]
[2012/02/17 14:06:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/05/28 21:53:10 | 000,524,866 | ---- | M] () (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9OFHL484.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2012/05/22 22:13:15 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9OFHL484.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/05/22 22:13:12 | 000,118,971 | ---- | M] () (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9OFHL484.DEFAULT\EXTENSIONS\[email protected]
[2012/05/04 09:34:11 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/01/29 08:36:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/29 08:36:35 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Owner\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AVG Safe Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\
CHR - Extension: AVG Do Not Track = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DT ACR] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PivotSoftware] C:\Program Files\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe ()
O4 - HKLM..\Run: [Razer Anansi Driver] C:\Program Files\Razer\Anansi\RazerAnansiSysTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2145506375-2984372104-633398988-1000..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2145506375-2984372104-633398988-1002..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2145506375-2984372104-633398988-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil11e_Plugin.exe (Adobe Systems, Inc.)
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O4 - HKLM..\RunOnceEx: [Title] UnHackMe Rootkit Check File not found
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.3.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D38FC0F2-8E84-40B6-8A2E-CC5EA5127C67}: DhcpNameServer = 192.168.3.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Owner\Desktop\backgrounds\haunted_house.jpg
O24 - Desktop BackupWallPaper: C:\Users\Owner\Desktop\backgrounds\haunted_house.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O34 - HKLM BootExecute: (Partizan)
O34 - HKLM BootExecute: (ountPoints2\{f59c945d-25eb-11e0-9826-001ec9505a89}\Shell\Autoplay\DropTarget\)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/31 13:42:22 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012/05/31 13:42:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/05/31 00:15:50 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/05/30 21:09:24 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\Owner\Desktop\HiJackThis.exe
[2012/05/30 20:56:46 | 000,039,184 | ---- | C] (Greatis Software) -- C:\Windows\System32\Partizan.exe
[2012/05/30 20:56:46 | 000,035,816 | ---- | C] (Greatis Software) -- C:\Windows\System32\drivers\Partizan.sys
[2012/05/30 20:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\RegRun
[2012/05/30 20:56:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\RegRun2
[2012/05/30 20:56:27 | 000,012,800 | ---- | C] (Greatis Software, LLC.) -- C:\Windows\System32\drivers\UnHackMeDrv.sys
[2012/05/30 20:56:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
[2012/05/30 20:56:27 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\regruninfo
[2012/05/30 20:56:24 | 000,000,000 | ---D | C] -- C:\Program Files\UnHackMe
[2012/05/29 10:00:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/05/23 07:05:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\tdsskiller
[2012/05/22 23:10:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/05/22 23:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/05/09 10:48:31 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/05/09 10:48:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\AVG2012
[2012/05/09 10:47:54 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012/05/09 01:42:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\New Folder
[2012/05/08 16:39:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\backgrounds

========== Files - Modified Within 30 Days ==========

[2012/06/03 13:33:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2145506375-2984372104-633398988-1000UA.job
[2012/06/03 12:44:54 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/03 12:44:54 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/03 08:05:41 | 099,696,927 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/06/02 15:33:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2145506375-2984372104-633398988-1000Core.job
[2012/05/31 18:32:11 | 000,491,395 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/05/31 13:42:46 | 000,002,523 | ---- | M] () -- C:\Users\Owner\Desktop\HiJackThis.lnk
[2012/05/31 13:34:15 | 001,402,880 | ---- | M] () -- C:\Users\Owner\Desktop\HijackThis.msi
[2012/05/31 02:35:47 | 000,109,562 | ---- | M] () -- C:\Users\Owner\Desktop\early-cuyler-squidbillies-1307596-1024-768.jpg
[2012/05/31 00:15:52 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/05/31 00:00:02 | 000,058,651 | ---- | M] () -- C:\Users\Owner\Desktop\bcchrome.jpg
[2012/05/30 23:58:39 | 000,120,967 | ---- | M] () -- C:\Users\Owner\Desktop\bleepingcomputerredirect.jpg
[2012/05/30 21:58:20 | 000,121,990 | ---- | M] () -- C:\Users\Owner\Desktop\askgoogleredirect.jpg
[2012/05/30 21:38:05 | 000,072,656 | ---- | M] () -- C:\Users\Owner\Desktop\notdss.jpg
[2012/05/30 21:35:15 | 000,038,938 | ---- | M] () -- C:\Users\Owner\Desktop\tdsskiller.jpg
[2012/05/30 21:34:10 | 002,108,959 | ---- | M] () -- C:\Users\Owner\Desktop\tdsskiller(1).zip
[2012/05/30 21:30:07 | 000,123,684 | ---- | M] () -- C:\Users\Owner\Desktop\youtube2.jpg
[2012/05/30 21:29:12 | 000,123,135 | ---- | M] () -- C:\Users\Owner\Desktop\youtube1.jpg
[2012/05/30 21:24:10 | 002,108,959 | ---- | M] () -- C:\Users\Owner\Desktop\tdsskiller.zip
[2012/05/30 21:09:25 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\Owner\Desktop\HiJackThis.exe
[2012/05/30 20:56:46 | 000,039,184 | ---- | M] (Greatis Software) -- C:\Windows\System32\Partizan.exe
[2012/05/30 20:56:46 | 000,035,816 | ---- | M] (Greatis Software) -- C:\Windows\System32\drivers\Partizan.sys
[2012/05/30 20:56:31 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/05/30 20:56:31 | 000,001,688 | ---- | M] () -- C:\Windows\System32\autoexec.nt
[2012/05/30 20:56:31 | 000,000,002 | RHS- | M] () -- C:\Windows\winstart.bat
[2012/05/30 20:56:28 | 000,000,752 | ---- | M] () -- C:\Users\Owner\Desktop\UnHackMe.lnk
[2012/05/30 20:56:00 | 011,891,666 | ---- | M] () -- C:\Users\Owner\Desktop\unhackme.zip
[2012/05/30 20:51:20 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/05/30 20:51:20 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/05/30 20:50:34 | 000,059,842 | ---- | M] () -- C:\Users\Owner\Desktop\youtubechrome.jpg
[2012/05/30 20:50:01 | 000,060,261 | ---- | M] () -- C:\Users\Owner\Desktop\googlechrome.jpg
[2012/05/30 20:49:05 | 000,035,870 | ---- | M] () -- C:\Users\Owner\Desktop\youtube.jpg
[2012/05/30 20:44:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/30 19:54:57 | 000,124,379 | ---- | M] () -- C:\Users\Owner\Desktop\googred.jpg
[2012/05/29 10:00:56 | 000,000,842 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/05/26 20:21:10 | 000,830,270 | ---- | M] () -- C:\Users\Owner\Desktop\sade_120_days_pdf.zip
[2012/05/25 19:39:37 | 000,030,349 | ---- | M] () -- C:\Users\Owner\Desktop\victorian_spank.jpg
[2012/05/23 23:35:33 | 000,002,042 | ---- | M] () -- C:\Users\Owner\Desktop\Google Chrome.lnk
[2012/05/23 23:35:33 | 000,002,004 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/05/23 21:09:21 | 000,238,914 | ---- | M] () -- C:\Users\Owner\Documents\wbccollage.jpg
[2012/05/22 23:17:17 | 000,013,892 | ---- | M] () -- C:\Users\Owner\Documents\cc_20120522_231707.reg
[2012/05/22 23:16:46 | 000,094,248 | ---- | M] () -- C:\Users\Owner\Documents\cc_20120522_231630.reg
[2012/05/22 23:10:55 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/05/22 22:10:51 | 000,357,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/05/20 20:31:52 | 000,088,194 | ---- | M] () -- C:\Users\Owner\Desktop\rof.jpg
[2012/05/19 20:12:54 | 000,018,957 | ---- | M] () -- C:\Users\Owner\Desktop\metal.jpg
[2012/05/15 02:16:08 | 000,040,130 | ---- | M] () -- C:\Users\Owner\Desktop\225.jpg
[2012/05/14 23:06:21 | 000,025,768 | ---- | M] () -- C:\Users\Owner\Desktop\cov3.jpg
[2012/05/14 22:31:01 | 000,042,200 | ---- | M] () -- C:\Users\Owner\Desktop\540372_143668185766692_100003705349347_174945_1648790776_n.jpg
[2012/05/14 17:20:03 | 000,018,930 | ---- | M] () -- C:\Users\Owner\Desktop\cov2.jpg
[2012/05/14 17:16:24 | 000,017,719 | ---- | M] () -- C:\Users\Owner\Desktop\cov1.jpg
[2012/05/14 17:04:18 | 000,087,130 | ---- | M] () -- C:\Users\Owner\Desktop\_c864077_image_0.jpg
[2012/05/13 20:37:26 | 000,819,046 | ---- | M] () -- C:\Users\Owner\Desktop\Flames.jpg
[2012/05/13 13:47:20 | 000,026,899 | ---- | M] () -- C:\Users\Owner\Desktop\baphomet.jpg
[2012/05/13 13:46:54 | 000,223,500 | ---- | M] () -- C:\Users\Owner\Desktop\Satan.png
[2012/05/13 13:46:19 | 000,043,192 | ---- | M] () -- C:\Users\Owner\Desktop\satanskull.jpg
[2012/05/13 13:45:26 | 000,369,059 | ---- | M] () -- C:\Users\Owner\Desktop\graveyard-of-[bleep]-satanic.jpg
[2012/05/13 13:32:52 | 000,033,520 | ---- | M] () -- C:\Users\Owner\Desktop\review_lod_3.jpg
[2012/05/13 13:32:45 | 000,064,651 | ---- | M] () -- C:\Users\Owner\Desktop\review_lod_1.jpg
[2012/05/13 13:32:33 | 000,038,955 | ---- | M] () -- C:\Users\Owner\Desktop\review_lod_10.jpg
[2012/05/13 13:19:18 | 000,153,748 | ---- | M] () -- C:\Users\Owner\Desktop\devil-1600x1200.jpg

========== Files Created - No Company Name ==========

[2012/05/31 13:42:22 | 000,002,523 | ---- | C] () -- C:\Users\Owner\Desktop\HiJackThis.lnk
[2012/05/31 13:34:08 | 001,402,880 | ---- | C] () -- C:\Users\Owner\Desktop\HijackThis.msi
[2012/05/31 02:35:46 | 000,109,562 | ---- | C] () -- C:\Users\Owner\Desktop\early-cuyler-squidbillies-1307596-1024-768.jpg
[2012/05/31 00:00:02 | 000,058,651 | ---- | C] () -- C:\Users\Owner\Desktop\bcchrome.jpg
[2012/05/30 23:58:39 | 000,120,967 | ---- | C] () -- C:\Users\Owner\Desktop\bleepingcomputerredirect.jpg
[2012/05/30 21:58:20 | 000,121,990 | ---- | C] () -- C:\Users\Owner\Desktop\askgoogleredirect.jpg
[2012/05/30 21:38:05 | 000,072,656 | ---- | C] () -- C:\Users\Owner\Desktop\notdss.jpg
[2012/05/30 21:35:15 | 000,038,938 | ---- | C] () -- C:\Users\Owner\Desktop\tdsskiller.jpg
[2012/05/30 21:33:42 | 002,108,959 | ---- | C] () -- C:\Users\Owner\Desktop\tdsskiller(1).zip
[2012/05/30 21:30:07 | 000,123,684 | ---- | C] () -- C:\Users\Owner\Desktop\youtube2.jpg
[2012/05/30 21:29:12 | 000,123,135 | ---- | C] () -- C:\Users\Owner\Desktop\youtube1.jpg
[2012/05/30 21:23:54 | 002,108,959 | ---- | C] () -- C:\Users\Owner\Desktop\tdsskiller.zip
[2012/05/30 20:56:31 | 000,000,002 | RHS- | C] () -- C:\Windows\winstart.bat
[2012/05/30 20:56:28 | 000,000,752 | ---- | C] () -- C:\Users\Owner\Desktop\UnHackMe.lnk
[2012/05/30 20:54:51 | 011,891,666 | ---- | C] () -- C:\Users\Owner\Desktop\unhackme.zip
[2012/05/30 20:50:34 | 000,059,842 | ---- | C] () -- C:\Users\Owner\Desktop\youtubechrome.jpg
[2012/05/30 20:49:53 | 000,060,261 | ---- | C] () -- C:\Users\Owner\Desktop\googlechrome.jpg
[2012/05/30 20:49:04 | 000,035,870 | ---- | C] () -- C:\Users\Owner\Desktop\youtube.jpg
[2012/05/30 19:54:57 | 000,124,379 | ---- | C] () -- C:\Users\Owner\Desktop\googred.jpg
[2012/05/26 20:21:04 | 000,830,270 | ---- | C] () -- C:\Users\Owner\Desktop\sade_120_days_pdf.zip
[2012/05/25 19:39:36 | 000,030,349 | ---- | C] () -- C:\Users\Owner\Desktop\victorian_spank.jpg
[2012/05/23 21:09:21 | 000,238,914 | ---- | C] () -- C:\Users\Owner\Documents\wbccollage.jpg
[2012/05/22 23:17:11 | 000,013,892 | ---- | C] () -- C:\Users\Owner\Documents\cc_20120522_231707.reg
[2012/05/22 23:16:35 | 000,094,248 | ---- | C] () -- C:\Users\Owner\Documents\cc_20120522_231630.reg
[2012/05/22 23:10:55 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/05/20 20:31:52 | 000,088,194 | ---- | C] () -- C:\Users\Owner\Desktop\rof.jpg
[2012/05/19 20:12:54 | 000,018,957 | ---- | C] () -- C:\Users\Owner\Desktop\metal.jpg
[2012/05/14 23:06:21 | 000,025,768 | ---- | C] () -- C:\Users\Owner\Desktop\cov3.jpg
[2012/05/14 22:56:41 | 000,040,130 | ---- | C] () -- C:\Users\Owner\Desktop\225.jpg
[2012/05/14 22:29:36 | 000,042,200 | ---- | C] () -- C:\Users\Owner\Desktop\540372_143668185766692_100003705349347_174945_1648790776_n.jpg
[2012/05/14 17:20:03 | 000,018,930 | ---- | C] () -- C:\Users\Owner\Desktop\cov2.jpg
[2012/05/14 17:16:24 | 000,017,719 | ---- | C] () -- C:\Users\Owner\Desktop\cov1.jpg
[2012/05/14 17:04:17 | 000,087,130 | ---- | C] () -- C:\Users\Owner\Desktop\_c864077_image_0.jpg
[2012/05/13 20:37:25 | 000,819,046 | ---- | C] () -- C:\Users\Owner\Desktop\Flames.jpg
[2012/05/13 13:47:19 | 000,026,899 | ---- | C] () -- C:\Users\Owner\Desktop\baphomet.jpg
[2012/05/13 13:46:53 | 000,223,500 | ---- | C] () -- C:\Users\Owner\Desktop\Satan.png
[2012/05/13 13:46:19 | 000,043,192 | ---- | C] () -- C:\Users\Owner\Desktop\satanskull.jpg
[2012/05/13 13:45:25 | 000,369,059 | ---- | C] () -- C:\Users\Owner\Desktop\graveyard-of-[bleep]-satanic.jpg
[2012/05/13 13:32:51 | 000,033,520 | ---- | C] () -- C:\Users\Owner\Desktop\review_lod_3.jpg
[2012/05/13 13:32:45 | 000,064,651 | ---- | C] () -- C:\Users\Owner\Desktop\review_lod_1.jpg
[2012/05/13 13:32:32 | 000,038,955 | ---- | C] () -- C:\Users\Owner\Desktop\review_lod_10.jpg
[2012/05/13 13:19:17 | 000,153,748 | ---- | C] () -- C:\Users\Owner\Desktop\devil-1600x1200.jpg
[2012/05/09 10:50:14 | 000,000,842 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/04/07 14:26:41 | 000,007,432 | ---- | C] () -- C:\Windows\System32\Machnm32.sys
[2012/03/12 22:37:42 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2012/02/29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011/01/24 12:24:12 | 000,004,608 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/23 20:55:28 | 000,524,288 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/01/23 20:55:28 | 000,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/01/22 13:35:14 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/01/22 13:34:26 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/01/22 13:34:26 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/01/21 16:46:30 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/01/21 16:42:20 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2011/01/21 16:42:20 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2011/01/21 16:42:20 | 000,154,206 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/01/21 16:42:20 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2011/01/21 16:42:20 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2011/01/21 16:18:19 | 000,001,356 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat

========== LOP Check ==========

[2012/03/10 12:19:38 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Atari
[2011/01/23 21:43:06 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Auslogics
[2012/05/09 10:48:14 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AVG2012
[2012/04/07 14:35:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DisplayTune
[2012/03/10 12:17:32 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Leadertech
[2012/03/04 16:20:39 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Oberon Media
[2012/02/11 14:42:50 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\OpenOffice.org
[2012/03/22 14:24:03 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Ulead Systems
[2012/05/30 20:43:43 | 000,026,486 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:E36F5B57
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:23BEBB72

< End of report >

#4
Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.




Download aswMBR.exe to your desktop.

Double-click aswMBR.exe to run it.

Click the "Scan" button to start the scan.

On completion of the scan, click Save log, save it to your desktop and post it in your next reply.




Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double-click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks.
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.



Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
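The TDSSKiller report requested in the post above lists each scanned driver or service with its MD5 and path, followed by a separate verdict line. As an added example (not part of the original posts and not TDSSKiller's own code), this Python script pairs the two and returns every entry whose verdict is not "ok" or that has no verdict at all, as happens when a pasted log is cut short. The ExampleDrv entry, its all-zero hash and the layout of its "warning" line are constructed assumptions; the other sample lines follow the log posted in this thread.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Sample input: ExampleDrv and its "warning" line are constructed for
# illustration (assumed layout); the remaining lines follow the thread's log.
SAMPLE_LOG = r"""
14:25:36.0287 20844 Scan started
14:25:36.0287 20844 Mode: Manual; SigCheck; TDLFS;
14:25:37.0415 20844 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
14:25:37.0522 20844 ACPI - ok
14:25:37.0610 20844 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
14:25:37.0620 20844 AdobeARMservice - ok
14:25:38.0001 20844 ExampleDrv (00000000000000000000000000000000) C:\Windows\system32\drivers\exampledrv.sys
14:25:38.0002 20844 ExampleDrv ( UnsignedFile.Multi.Generic ) - warning
14:25:38.0358 20844 aliide (3a99cb23a2d326fd532618705d6e3048) C:\Windows\system32\drivers\aliide.sys
"""

# Every log line starts with "<hh:mm:ss.ffff> <thread id> ".
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"

# "<name> (<md5>) <path>": the object that is about to be checked.
ENTRY_RE = re.compile(
    PREFIX + r"(?P<name>.+?)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>.+)$"
)

# "<name> - <verdict>", optionally "<name> ( <detection> ) - <verdict>".
VERDICT_RE = re.compile(
    PREFIX
    + r"(?P<name>.+?)(?:\s+\(\s*(?P<detection>[^()]+?)\s*\))?"
    + r"\s+-\s+(?P<verdict>[A-Za-z]+)\s*$"
)


@dataclass
class Finding:
    name: str
    md5: Optional[str]
    path: Optional[str]
    verdict: Optional[str]    # None means the log held no verdict line
    detection: Optional[str]  # detection label, when the verdict line has one


def parse_tdsskiller(text: str) -> List[Finding]:
    """Pair each scanned object with the verdict line that follows it."""
    pending = {}   # name -> (md5, path), waiting for a verdict line
    findings = []
    for raw in text.splitlines():
        line = raw.strip()
        entry = ENTRY_RE.match(line)
        if entry:
            pending[entry["name"]] = (entry["md5"].lower(), entry["path"])
            continue
        verdict = VERDICT_RE.match(line)
        if verdict:
            # Some verdicts (for example on disk objects) may have no
            # preceding entry line; keep them with empty md5 and path.
            md5, path = pending.pop(verdict["name"], (None, None))
            findings.append(Finding(verdict["name"], md5, path,
                                    verdict["verdict"].lower(),
                                    verdict["detection"]))
    # Entries still pending were never given a verdict (truncated paste).
    for name, (md5, path) in pending.items():
        findings.append(Finding(name, md5, path, None, None))
    return findings


def needs_review(findings: List[Finding]) -> List[Finding]:
    """Return everything that was not explicitly reported as ok."""
    return [f for f in findings if f.verdict != "ok"]


if __name__ == "__main__":
    for f in needs_review(parse_tdsskiller(SAMPLE_LOG)):
        status = f.verdict or "no verdict in log"
        print(f"{f.name}: {status} {f.detection or ''} {f.path or ''}".rstrip())
```

An entry reported with no verdict is not a detection; it only means the pasted log should be requested again in full.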

#5
BoudiccaGruaim

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Like I predicted, the problem started up again. It lasted about 10 minutes this time. It's doing the same thing as displayed in the screencaps in my original post.


14:19:22.0723 14064 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
14:19:23.0034 14064 ============================================================
14:19:23.0034 14064 Current date / time: 2012/06/04 14:19:23.0034
14:19:23.0034 14064 SystemInfo:
14:19:23.0034 14064
14:19:23.0034 14064 OS Version: 6.0.6002 ServicePack: 2.0
14:19:23.0034 14064 Product type: Workstation
14:19:23.0034 14064 ComputerName: OWNER-PC
14:19:23.0034 14064 UserName: Owner
14:19:23.0034 14064 Windows directory: C:\Windows
14:19:23.0034 14064 System windows directory: C:\Windows
14:19:23.0034 14064 Processor architecture: Intel x86
14:19:23.0034 14064 Number of processors: 4
14:19:23.0034 14064 Page size: 0x1000
14:19:23.0034 14064 Boot type: Normal boot
14:19:23.0034 14064 ============================================================
14:19:23.0517 14064 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:19:23.0545 14064 Drive \Device\Harddisk1\DR2 - Size: 0xEF300000 (3.74 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:19:23.0546 14064 ============================================================
14:19:23.0546 14064 \Device\Harddisk0\DR0:
14:19:23.0551 14064 MBR partitions:
14:19:23.0551 14064 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1B800, BlocksNum 0x1E00000
14:19:23.0551 14064 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E1B800, BlocksNum 0x3856A000
14:19:23.0551 14064 \Device\Harddisk1\DR2:
14:19:23.0552 14064 MBR partitions:
14:19:23.0552 14064 \Device\Harddisk1\DR2\Partition0: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x7797E0
14:19:23.0552 14064 ============================================================
14:19:23.0622 14064 C: <-> \Device\Harddisk0\DR0\Partition1
14:19:23.0656 14064 D: <-> \Device\Harddisk0\DR0\Partition0
14:19:23.0656 14064 ============================================================
14:19:23.0656 14064 Initialize success
14:19:23.0656 14064 ============================================================
14:25:36.0287 20844 ============================================================
14:25:36.0287 20844 Scan started
14:25:36.0287 20844 Mode: Manual; SigCheck; TDLFS;
14:25:36.0287 20844 ============================================================
14:25:37.0415 20844 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
14:25:37.0522 20844 ACPI - ok
14:25:37.0610 20844 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
14:25:37.0620 20844 AdobeARMservice - ok
14:25:37.0653 20844 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
14:25:37.0679 20844 adp94xx - ok
14:25:37.0724 20844 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
14:25:37.0748 20844 adpahci - ok
14:25:37.0759 20844 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
14:25:37.0775 20844 adpu160m - ok
14:25:37.0792 20844 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
14:25:37.0808 20844 adpu320 - ok
14:25:37.0847 20844 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
14:25:37.0956 20844 AeLookupSvc - ok
14:25:38.0029 20844 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
14:25:38.0114 20844 AFD - ok
14:25:38.0146 20844 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
14:25:38.0156 20844 agp440 - ok
14:25:38.0185 20844 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
14:25:38.0198 20844 aic78xx - ok
14:25:38.0235 20844 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
14:25:38.0339 20844 ALG - ok
14:25:38.0358 20844 aliide (3a99cb23a2d326fd532618705d6e3048) C:\Windows\system32\drivers\aliide.sys
14:25:38.0367 20844 aliide - ok
14:25:38.0377 20844 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
14:25:38.0388 20844 amdagp - ok
14:25:38.0394 20844 amdide (4333c133dbd71c7d7fe4fb1b83f9ee3e) C:\Windows\system32\drivers\amdide.sys
14:25:38.0404 20844 amdide - ok
14:25:38.0424 20844 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
14:25:38.0559 20844 AmdK7 - ok
14:25:38.0569 20844 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
14:25:38.0623 20844 AmdK8 - ok
14:25:38.0689 20844 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
14:25:38.0734 20844 Appinfo - ok
14:25:38.0761 20844 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
14:25:38.0771 20844 arc - ok
14:25:38.0799 20844 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
14:25:38.0810 20844 arcsas - ok
14:25:38.0863 20844 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
14:25:38.0897 20844 AsyncMac - ok
14:25:38.0920 20844 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
14:25:38.0931 20844 atapi - ok
14:25:38.0974 20844 Ati External Event Utility (74279ed618c00eb4c534ba2b21583cbb) C:\Windows\system32\Ati2evxx.exe
14:25:39.0035 20844 Ati External Event Utility - ok
14:25:39.0198 20844 atikmdag (d9527f4bde7e18077a33623f0bc8eb86) C:\Windows\system32\DRIVERS\atikmdag.sys
14:25:39.0398 20844 atikmdag - ok
14:25:39.0513 20844 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
14:25:39.0561 20844 AudioEndpointBuilder - ok
14:25:39.0565 20844 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
14:25:39.0583 20844 Audiosrv - ok
14:25:39.0834 20844 AVGIDSAgent (ba60fd7a64b9759a14c0fba4a9ed4c7b) C:\Program Files\AVG\AVG2012\avgidsagent.exe
14:25:39.0944 20844 AVGIDSAgent - ok
14:25:40.0056 20844 AVGIDSDriver (1074f787080068c71303b61fae7e7ca4) C:\Windows\system32\DRIVERS\avgidsdriverx.sys
14:25:40.0098 20844 AVGIDSDriver - ok
14:25:40.0114 20844 AVGIDSFilter (61a7e0b02f82cff3db2445bbe50b3589) C:\Windows\system32\DRIVERS\avgidsfilterx.sys
14:25:40.0134 20844 AVGIDSFilter - ok
14:25:40.0151 20844 AVGIDSHX (d63d83659eedf60b3a3e620281a888e5) C:\Windows\system32\DRIVERS\avgidshx.sys
14:25:40.0161 20844 AVGIDSHX - ok
14:25:40.0226 20844 AVGIDSShim (baf975b72062f53d327788e99d64197e) C:\Windows\system32\DRIVERS\avgidsshimx.sys
14:25:40.0234 20844 AVGIDSShim - ok
14:25:40.0256 20844 Avgldx86 (dda6a2a18841e4c9172bb85958b8d948) C:\Windows\system32\DRIVERS\avgldx86.sys
14:25:40.0279 20844 Avgldx86 - ok
14:25:40.0288 20844 Avgmfx86 (ccdd61545aaea265977e4b1efdc74e8c) C:\Windows\system32\DRIVERS\avgmfx86.sys
14:25:40.0297 20844 Avgmfx86 - ok
14:25:40.0312 20844 Avgrkx86 (1fd90b28d2c3100bf4500199c8ad6358) C:\Windows\system32\DRIVERS\avgrkx86.sys
14:25:40.0320 20844 Avgrkx86 - ok
14:25:40.0339 20844 Avgtdix (1263f2554ace925c237a40b4c568d815) C:\Windows\system32\DRIVERS\avgtdix.sys
14:25:40.0363 20844 Avgtdix - ok
14:25:40.0487 20844 avgwd (ea1145debcd508fd25bd1e95c4346929) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
14:25:40.0501 20844 avgwd - ok
14:25:40.0550 20844 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
14:25:40.0581 20844 Beep - ok
14:25:40.0639 20844 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
14:25:40.0672 20844 BFE - ok
14:25:40.0742 20844 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
14:25:40.0862 20844 BITS - ok
14:25:40.0871 20844 blbdrive - ok
14:25:40.0924 20844 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
14:25:40.0964 20844 bowser - ok
14:25:41.0016 20844 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
14:25:41.0041 20844 BrFiltLo - ok
14:25:41.0059 20844 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
14:25:41.0129 20844 BrFiltUp - ok
14:25:41.0196 20844 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
14:25:41.0234 20844 Browser - ok
14:25:41.0257 20844 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
14:25:41.0300 20844 Brserid - ok
14:25:41.0320 20844 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
14:25:41.0378 20844 BrSerWdm - ok
14:25:41.0416 20844 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
14:25:41.0470 20844 BrUsbMdm - ok
14:25:41.0490 20844 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
14:25:41.0544 20844 BrUsbSer - ok
14:25:41.0562 20844 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
14:25:41.0617 20844 BTHMODEM - ok
14:25:41.0674 20844 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
14:25:41.0715 20844 cdfs - ok
14:25:41.0772 20844 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
14:25:41.0808 20844 cdrom - ok
14:25:41.0860 20844 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
14:25:41.0877 20844 CertPropSvc - ok
14:25:41.0899 20844 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
14:25:41.0938 20844 circlass - ok
14:25:41.0968 20844 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
14:25:41.0994 20844 CLFS - ok
14:25:42.0087 20844 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:25:42.0099 20844 clr_optimization_v2.0.50727_32 - ok
14:25:42.0202 20844 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:25:42.0260 20844 clr_optimization_v4.0.30319_32 - ok
14:25:42.0280 20844 cmdide (dfb94a6fc3a26972b0461ab5f1d8272b) C:\Windows\system32\drivers\cmdide.sys
14:25:42.0290 20844 cmdide - ok
14:25:42.0310 20844 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
14:25:42.0321 20844 Compbatt - ok
14:25:42.0327 20844 COMSysApp - ok
14:25:42.0334 20844 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
14:25:42.0345 20844 crcdisk - ok
14:25:42.0355 20844 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
14:25:42.0402 20844 Crusoe - ok
14:25:42.0448 20844 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
14:25:42.0475 20844 CryptSvc - ok
14:25:42.0531 20844 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
14:25:42.0598 20844 DcomLaunch - ok
14:25:42.0641 20844 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
14:25:42.0679 20844 DfsC - ok
14:25:42.0831 20844 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
14:25:42.0993 20844 DFSR - ok
14:25:43.0078 20844 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
14:25:43.0110 20844 Dhcp - ok
14:25:43.0159 20844 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
14:25:43.0171 20844 disk - ok
14:25:43.0211 20844 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
14:25:43.0244 20844 Dnscache - ok
14:25:43.0266 20844 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
14:25:43.0284 20844 dot3svc - ok
14:25:43.0330 20844 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
14:25:43.0361 20844 DPS - ok
14:25:43.0404 20844 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
14:25:43.0444 20844 drmkaud - ok
14:25:43.0545 20844 DTSRVC (0cedf29cfa2e1209456d98c2ee4ae6f5) C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
14:25:43.0559 20844 DTSRVC - ok
14:25:43.0612 20844 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
14:25:43.0647 20844 DXGKrnl - ok
14:25:43.0665 20844 e1express (04944f4fc4f0477185f5d26ae0ddb90e) C:\Windows\system32\DRIVERS\e1e6032.sys
14:25:43.0677 20844 e1express - ok
14:25:43.0741 20844 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
14:25:43.0796 20844 E1G60 - ok
14:25:43.0861 20844 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
14:25:43.0943 20844 EapHost - ok
14:25:44.0031 20844 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
14:25:44.0050 20844 Ecache - ok
14:25:44.0139 20844 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
14:25:44.0164 20844 ehRecvr - ok
14:25:44.0180 20844 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
14:25:44.0248 20844 ehSched - ok
14:25:44.0256 20844 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
14:25:44.0274 20844 ehstart - ok
14:25:44.0303 20844 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
14:25:44.0328 20844 elxstor - ok
14:25:44.0378 20844 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
14:25:44.0472 20844 EMDMgmt - ok
14:25:44.0517 20844 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
14:25:44.0549 20844 EventSystem - ok
14:25:44.0569 20844 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
14:25:44.0615 20844 exfat - ok
14:25:44.0633 20844 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
14:25:44.0665 20844 fastfat - ok
14:25:44.0696 20844 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
14:25:44.0744 20844 fdc - ok
14:25:44.0781 20844 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
14:25:44.0802 20844 fdPHost - ok
14:25:44.0822 20844 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
14:25:44.0872 20844 FDResPub - ok
14:25:44.0877 20844 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
14:25:44.0900 20844 FileInfo - ok
14:25:44.0908 20844 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
14:25:44.0941 20844 Filetrace - ok
14:25:44.0963 20844 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
14:25:45.0000 20844 flpydisk - ok
14:25:45.0038 20844 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
14:25:45.0056 20844 FltMgr - ok
14:25:45.0136 20844 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
14:25:45.0239 20844 FontCache - ok
14:25:45.0359 20844 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:25:45.0369 20844 FontCache3.0.0.0 - ok
14:25:45.0415 20844 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
14:25:45.0472 20844 Fs_Rec - ok
14:25:45.0497 20844 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
14:25:45.0508 20844 gagp30kx - ok
14:25:45.0560 20844 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
14:25:45.0599 20844 gpsvc - ok
14:25:45.0675 20844 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
14:25:45.0726 20844 HdAudAddService - ok
14:25:45.0762 20844 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
14:25:45.0855 20844 HDAudBus - ok
14:25:45.0864 20844 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
14:25:45.0922 20844 HidBth - ok
14:25:45.0973 20844 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
14:25:46.0019 20844 HidIr - ok
14:25:46.0080 20844 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
14:25:46.0104 20844 hidserv - ok
14:25:46.0166 20844 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
14:25:46.0183 20844 HidUsb - ok
14:25:46.0232 20844 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
14:25:46.0264 20844 hkmsvc - ok
14:25:46.0274 20844 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
14:25:46.0284 20844 HpCISSs - ok
14:25:46.0335 20844 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
14:25:46.0442 20844 HTTP - ok
14:25:46.0470 20844 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
14:25:46.0480 20844 i2omp - ok
14:25:46.0580 20844 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
14:25:46.0608 20844 i8042prt - ok
14:25:46.0622 20844 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
14:25:46.0646 20844 iaStorV - ok
14:25:46.0732 20844 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:25:46.0833 20844 idsvc - ok
14:25:46.0861 20844 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
14:25:46.0871 20844 iirsp - ok
14:25:46.0932 20844 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
14:25:46.0962 20844 IKEEXT - ok
14:25:47.0017 20844 intelide (1c60617d54bc9f035671a44b75d9f7cc) C:\Windows\system32\drivers\intelide.sys
14:25:47.0026 20844 intelide - ok
14:25:47.0063 20844 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
14:25:47.0094 20844 intelppm - ok
14:25:47.0165 20844 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
14:25:47.0187 20844 IPBusEnum - ok
14:25:47.0224 20844 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:25:47.0256 20844 IpFilterDriver - ok
14:25:47.0300 20844 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
14:25:47.0346 20844 iphlpsvc - ok
14:25:47.0348 20844 IpInIp - ok
14:25:47.0365 20844 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
14:25:47.0411 20844 IPMIDRV - ok
14:25:47.0441 20844 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
14:25:47.0470 20844 IPNAT - ok
14:25:47.0513 20844 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
14:25:47.0535 20844 IRENUM - ok
14:25:47.0545 20844 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
14:25:47.0556 20844 isapnp - ok
14:25:47.0592 20844 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
14:25:47.0611 20844 iScsiPrt - ok
14:25:47.0623 20844 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
14:25:47.0634 20844 iteatapi - ok
14:25:47.0642 20844 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
14:25:47.0653 20844 iteraid - ok
14:25:47.0685 20844 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
14:25:47.0697 20844 kbdclass - ok
14:25:47.0717 20844 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
14:25:47.0741 20844 kbdhid - ok
14:25:47.0772 20844 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
14:25:47.0813 20844 KeyIso - ok
14:25:47.0867 20844 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
14:25:47.0898 20844 KSecDD - ok
14:25:47.0996 20844 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
14:25:48.0096 20844 KtmRm - ok
14:25:48.0157 20844 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
14:25:48.0220 20844 LanmanServer - ok
14:25:48.0269 20844 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
14:25:48.0316 20844 LanmanWorkstation - ok
14:25:48.0354 20844 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
14:25:48.0391 20844 lltdio - ok
14:25:48.0414 20844 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
14:25:48.0462 20844 lltdsvc - ok
14:25:48.0502 20844 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
14:25:48.0539 20844 lmhosts - ok
14:25:48.0562 20844 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
14:25:48.0573 20844 LSI_FC - ok
14:25:48.0586 20844 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
14:25:48.0596 20844 LSI_SAS - ok
14:25:48.0619 20844 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
14:25:48.0630 20844 LSI_SCSI - ok
14:25:48.0673 20844 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
14:25:48.0701 20844 luafv - ok
14:25:48.0748 20844 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
14:25:48.0758 20844 MBAMProtector - ok
14:25:48.0847 20844 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
14:25:48.0877 20844 MBAMService - ok
14:25:48.0895 20844 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
14:25:48.0918 20844 Mcx2Svc - ok
14:25:48.0933 20844 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
14:25:48.0943 20844 megasas - ok
14:25:49.0004 20844 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
14:25:49.0041 20844 MMCSS - ok
14:25:49.0057 20844 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
14:25:49.0098 20844 Modem - ok
14:25:49.0148 20844 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
14:25:49.0170 20844 monitor - ok
14:25:49.0208 20844 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
14:25:49.0219 20844 mouclass - ok
14:25:49.0222 20844 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
14:25:49.0243 20844 mouhid - ok
14:25:49.0284 20844 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
14:25:49.0295 20844 MountMgr - ok
14:25:49.0348 20844 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:25:49.0364 20844 MozillaMaintenance - ok
14:25:49.0394 20844 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
14:25:49.0405 20844 mpio - ok
14:25:49.0413 20844 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
14:25:49.0432 20844 mpsdrv - ok
14:25:49.0481 20844 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
14:25:49.0560 20844 MpsSvc - ok
14:25:49.0578 20844 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
14:25:49.0588 20844 Mraid35x - ok
14:25:49.0609 20844 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
14:25:49.0623 20844 MRxDAV - ok
14:25:49.0671 20844 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:25:49.0705 20844 mrxsmb - ok
14:25:49.0727 20844 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:25:49.0759 20844 mrxsmb10 - ok
14:25:49.0774 20844 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:25:49.0799 20844 mrxsmb20 - ok
14:25:49.0821 20844 msahci (f0ec3a4e0693a34b148723b4da31668c) C:\Windows\system32\drivers\msahci.sys
14:25:49.0831 20844 msahci - ok
14:25:49.0846 20844 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
14:25:49.0858 20844 msdsm - ok
14:25:49.0897 20844 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
14:25:49.0926 20844 MSDTC - ok
14:25:49.0975 20844 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
14:25:50.0010 20844 Msfs - ok
14:25:50.0036 20844 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
14:25:50.0046 20844 msisadrv - ok
14:25:50.0073 20844 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
14:25:50.0117 20844 MSiSCSI - ok
14:25:50.0119 20844 msiserver - ok
14:25:50.0172 20844 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
14:25:50.0204 20844 MSKSSRV - ok
14:25:50.0246 20844 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
14:25:50.0267 20844 MSPCLOCK - ok
14:25:50.0279 20844 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
14:25:50.0301 20844 MSPQM - ok
14:25:50.0344 20844 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
14:25:50.0361 20844 MsRPC - ok
14:25:50.0369 20844 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
14:25:50.0379 20844 mssmbios - ok
14:25:50.0384 20844 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
14:25:50.0415 20844 MSTEE - ok
14:25:50.0454 20844 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
14:25:50.0466 20844 Mup - ok
14:25:50.0514 20844 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
14:25:50.0534 20844 napagent - ok
14:25:50.0579 20844 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
14:25:50.0606 20844 NativeWifiP - ok
14:25:50.0638 20844 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
14:25:50.0672 20844 NDIS - ok
14:25:50.0730 20844 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
14:25:50.0757 20844 NdisTapi - ok
14:25:50.0771 20844 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
14:25:50.0792 20844 Ndisuio - ok
14:25:50.0808 20844 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
14:25:50.0845 20844 NdisWan - ok
14:25:50.0862 20844 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
14:25:50.0880 20844 NDProxy - ok
14:25:50.0917 20844 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
14:25:50.0941 20844 NetBIOS - ok
14:25:50.0982 20844 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
14:25:51.0008 20844 netbt - ok
14:25:51.0045 20844 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
14:25:51.0057 20844 Netlogon - ok
14:25:51.0096 20844 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
14:25:51.0138 20844 Netman - ok
14:25:51.0178 20844 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
14:25:51.0220 20844 netprofm - ok
14:25:51.0284 20844 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:25:51.0300 20844 NetTcpPortSharing - ok
14:25:51.0318 20844 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
14:25:51.0328 20844 nfrd960 - ok
14:25:51.0337 20844 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
14:25:51.0377 20844 NlaSvc - ok
14:25:51.0395 20844 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
14:25:51.0433 20844 Npfs - ok
14:25:51.0468 20844 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
14:25:51.0503 20844 nsi - ok
14:25:51.0513 20844 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
14:25:51.0545 20844 nsiproxy - ok
14:25:51.0615 20844 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
14:25:51.0691 20844 Ntfs - ok
14:25:51.0717 20844 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
14:25:51.0754 20844 ntrigdigi - ok
14:25:51.0786 20844 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
14:25:51.0815 20844 Null - ok
14:25:51.0994 20844 NVHDA (3d7fb57354703809b5f0c23287fac1d6) C:\Windows\system32\drivers\nvhda32v.sys
14:25:52.0011 20844 NVHDA - ok
14:25:52.0394 20844 nvlddmkm (e891b3979f0cf2740c1b073f834221fe) C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:25:52.0916 20844 nvlddmkm - ok
14:25:53.0047 20844 nvraid (6f785db62a6d8f3fafd3e5695277e849) C:\Windows\system32\drivers\nvraid.sys
14:25:53.0080 20844 nvraid - ok
14:25:53.0090 20844 nvstor (4a5fcab82d9bf6af8a023a66802fe9e9) C:\Windows\system32\drivers\nvstor.sys
14:25:53.0105 20844 nvstor - ok
14:25:53.0172 20844 nvsvc (ae2de8e165dcb93a66b21748e6f913df) C:\Windows\system32\nvvsvc.exe
14:25:53.0205 20844 nvsvc - ok
14:25:53.0398 20844 nvUpdatusService (c78581c14699c46fe0f0817416383134) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:25:53.0487 20844 nvUpdatusService - ok
14:25:53.0622 20844 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
14:25:53.0641 20844 nv_agp - ok
14:25:53.0644 20844 NwlnkFlt - ok
14:25:53.0649 20844 NwlnkFwd - ok
14:25:53.0684 20844 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
14:25:53.0711 20844 ohci1394 - ok
14:25:53.0775 20844 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
14:25:53.0879 20844 p2pimsvc - ok
14:25:53.0885 20844 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
14:25:53.0907 20844 p2psvc - ok
14:25:53.0928 20844 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
14:25:53.0967 20844 Parport - ok
14:25:54.0028 20844 Partizan (6ddcf3f801ec15fe698f6a215cf30a1f) C:\Windows\system32\drivers\Partizan.sys
14:25:54.0037 20844 Partizan - ok
14:25:54.0149 20844 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
14:25:54.0172 20844 partmgr - ok
14:25:54.0207 20844 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
14:25:54.0253 20844 Parvdm - ok
14:25:54.0405 20844 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
14:25:54.0440 20844 PcaSvc - ok
14:25:54.0492 20844 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
14:25:54.0510 20844 pci - ok
14:25:54.0543 20844 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
14:25:54.0554 20844 pciide - ok
14:25:54.0564 20844 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
14:25:54.0580 20844 pcmcia - ok
14:25:54.0647 20844 PdiPorts (089ca80ce0766b031164714b51df99bb) C:\Windows\system32\Drivers\PdiPorts.sys
14:25:54.0672 20844 PdiPorts - ok
14:25:54.0746 20844 PdiService (0a098df98ec8facaa30bd7db4c7aea06) C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
14:25:54.0761 20844 PdiService - ok
14:25:54.0799 20844 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
14:25:54.0901 20844 PEAUTH - ok
14:25:55.0921 20844 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
14:25:56.0101 20844 pla - ok
14:25:56.0213 20844 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
14:25:56.0251 20844 PlugPlay - ok
14:25:56.0317 20844 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
14:25:56.0338 20844 PNRPAutoReg - ok
14:25:56.0343 20844 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
14:25:56.0363 20844 PNRPsvc - ok
14:25:56.0402 20844 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
14:25:56.0450 20844 PolicyAgent - ok
14:25:56.0491 20844 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
14:25:56.0529 20844 PptpMiniport - ok
14:25:56.0597 20844 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
14:25:56.0642 20844 Processor - ok
14:25:56.0701 20844 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
14:25:56.0732 20844 ProfSvc - ok
14:26:26.0305 20844 ============================================================
14:26:26.0305 20844 Scan finished
14:26:26.0305 20844 ============================================================
14:26:26.0313 22488 Detected object count: 0
14:26:26.0314 22488 Actual detected object count: 0


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-04 14:31:12
-----------------------------
14:31:12.760 OS Version: Windows 6.0.6002 Service Pack 2
14:31:12.760 Number of processors: 4 586 0xF0B
14:31:12.762 ComputerName: OWNER-PC UserName: Owner
14:31:14.194 Initialize success
14:37:09.873 AVAST engine defs: 12060401
14:39:47.665 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:39:47.668 Disk 0 Vendor: ST3500630AS 3.ADG Size: 476940MB BusType: 3
14:39:47.693 Disk 0 MBR read successfully
14:39:47.696 Disk 0 MBR scan
14:39:47.707 Disk 0 Windows VISTA default MBR code
14:39:47.723 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 54 MB offset 63
14:39:47.733 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15360 MB offset 112640
14:39:47.749 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 461524 MB offset 31569920
14:39:47.756 Disk 0 scanning sectors +976771072
14:39:47.927 Disk 0 scanning C:\Windows\system32\drivers
14:40:04.477 Service scanning
14:40:24.099 Modules scanning
14:40:41.111 Disk 0 trace - called modules:
14:40:41.128 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll pciide.sys PCIIDEX.SYS atapi.sys
14:40:41.129 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85d465d8]
14:40:41.129 3 CLASSPNP.SYS[8a59e8b3] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84989b98]
14:40:42.962 AVAST engine scan C:\Windows
14:40:59.961 AVAST engine scan C:\Windows\system32
14:44:47.114 AVAST engine scan C:\Windows\system32\drivers
14:45:02.858 AVAST engine scan C:\Users\Owner
14:56:52.275 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
14:56:52.325 The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-04 14:57:19
-----------------------------
14:57:19.248 OS Version: Windows 6.0.6002 Service Pack 2
14:57:19.248 Number of processors: 4 586 0xF0B
14:57:19.250 ComputerName: OWNER-PC UserName: Owner
14:57:20.831 Initialize success
14:57:25.551 AVAST engine defs: 12060401
14:57:51.230 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:57:51.234 Disk 0 Vendor: ST3500630AS 3.ADG Size: 476940MB BusType: 3
14:57:51.279 Disk 0 MBR read successfully
14:57:51.282 Disk 0 MBR scan
14:57:51.286 Disk 0 Windows VISTA default MBR code
14:57:51.303 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 54 MB offset 63
14:57:51.322 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15360 MB offset 112640
14:57:51.345 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 461524 MB offset 31569920
14:57:51.387 Disk 0 scanning sectors +976771072
14:57:51.614 Disk 0 scanning C:\Windows\system32\drivers
14:58:14.007 Service scanning
14:58:35.454 Modules scanning
14:59:01.234 Disk 0 trace - called modules:
14:59:01.249 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll pciide.sys PCIIDEX.SYS atapi.sys
14:59:01.250 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85d465d8]
14:59:01.250 3 CLASSPNP.SYS[8a59e8b3] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84989b98]
14:59:02.685 AVAST engine scan C:\Windows
14:59:29.803 AVAST engine scan C:\Windows\system32
15:03:14.821 AVAST engine scan C:\Windows\system32\drivers
15:03:40.240 AVAST engine scan C:\Users\Owner
15:41:42.338 AVAST engine scan C:\ProgramData
15:45:34.843 Scan finished successfully
15:48:46.847 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
15:48:46.869 The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ComboFix 12-06-04.02 - Owner 06/04/2012 15:52:36.1.4 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3069.1296 [GMT -5:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-05-04 to 2012-06-04 )))))))))))))))))))))))))))))))
.
.
2012-06-04 20:58 . 2012-06-04 20:58 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-06-04 20:58 . 2012-06-04 20:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-31 18:42 . 2012-05-31 18:42 388096 ----a-r- c:\users\Owner\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-05-31 18:42 . 2012-05-31 18:42 -------- d-----w- c:\program files\Trend Micro
2012-05-31 01:56 . 2012-05-31 05:33 -------- d-----w- c:\programdata\RegRun
2012-05-31 01:56 . 2012-05-31 01:56 39184 ----a-w- c:\windows\system32\Partizan.exe
2012-05-31 01:56 . 2012-05-31 01:56 35816 ----a-w- c:\windows\system32\drivers\Partizan.sys
2012-05-31 01:56 . 2012-05-31 01:56 2 --shatr- c:\windows\winstart.bat
2012-05-31 01:56 . 2012-05-04 18:17 12800 ----a-w- c:\windows\system32\drivers\UnHackMeDrv.sys
2012-05-31 01:56 . 2012-05-31 01:56 -------- d-----w- c:\program files\UnHackMe
2012-05-23 04:10 . 2012-05-23 04:10 -------- d-----w- c:\program files\CCleaner
2012-05-09 15:48 . 2012-05-09 15:48 -------- d-----w- C:\$AVG
2012-05-09 15:48 . 2012-05-09 15:48 -------- d-----w- c:\users\Owner\AppData\Roaming\AVG2012
2012-05-09 15:47 . 2012-05-09 16:07 -------- d-----w- c:\programdata\AVG2012
2012-05-08 22:18 . 2012-03-20 23:28 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-08 22:18 . 2012-03-30 12:39 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-08 22:18 . 2012-02-01 15:11 1218048 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-08 22:18 . 2012-02-01 15:10 983040 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-08 22:18 . 2012-02-01 15:10 964608 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-08 22:18 . 2012-02-01 15:10 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-08 22:18 . 2012-02-01 15:10 1404928 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2012-05-08 22:18 . 2012-02-01 13:58 47104 ----a-w- c:\program files\Windows Journal\PDIALOG.exe
2012-05-08 22:12 . 2012-03-01 14:46 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-05-08 22:12 . 2012-03-01 14:46 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-05-08 22:12 . 2012-02-29 14:08 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-05-08 22:12 . 2012-02-29 13:44 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-05-08 22:12 . 2012-02-29 13:41 1069056 ----a-w- c:\windows\system32\DWrite.dll
2012-05-08 22:11 . 2012-04-03 08:16 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-08 22:11 . 2012-04-03 08:16 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-08 22:11 . 2012-04-02 13:36 2044928 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-19 09:50 . 2012-04-19 09:50 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2012-04-04 20:56 . 2012-03-22 02:05 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-19 10:17 . 2012-03-19 10:17 301248 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2012-05-04 14:34 . 2012-02-06 01:12 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Steam"="c:\program files\Steam\Steam.exe" [2012-03-13 1242448]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-09-12 405504]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Razer Anansi Driver"="c:\program files\Razer\Anansi\RazerAnansiSysTray.exe" [2011-10-17 939416]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"PivotSoftware"="c:\program files\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe" [2010-05-13 110192]
"DT ACR"="c:\program files\Common Files\Portrait Displays\Shared\DT_startup.exe" [2010-06-30 121456]
.
c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart\0Partizan
.
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 04681245
*NewlyCreated* - 43615286
*NewlyCreated* - ASWMBR
*Deregistered* - 04681245
*Deregistered* - 43615286
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2145506375-2984372104-633398988-1000Core.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-06 11:22]
.
2012-06-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2145506375-2984372104-633398988-1000UA.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-06 11:22]
.
.
------- Supplementary Scan -------
.
IE: {{68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\AVG\AVG2012\avgdtiex.dll
TCP: DhcpNameServer = 192.168.3.1
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\9ofhl484.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/|http://missouriwestern.edu/
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-04 15:58
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2145506375-2984372104-633398988-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*œ̃u.W“Y™MÂ]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-2145506375-2984372104-633398988-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*œ̃u.W“Y™MÂ\OpenWithList]
@Class="Shell"
"a"="Corel PaintShop Pro.exe"
"MRUList"="a"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2012-06-04 16:01:49
ComboFix-quarantined-files.txt 2012-06-04 21:01
.
Pre-Run: 259,425,202,176 bytes free
Post-Run: 259,488,256,000 bytes free
.
- - End Of File - - 5ACF6BAD71C6A3EF7CDED15CF2D85073




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

OK. At about 7:20 Central US time 6/4/12 the symptoms appeared again. Only this time it wouldn't let me even go to geekstogo.com to edit my post (new symptom). It lasted 1 hour 27 minutes.

Computer 1 sends me to "googleapis.com" when I try to go to your forums.

http://s1267.photobu...stogochrome.jpg

http://s1267.photobu...t=geekstogo.jpg

Computer 2

http://s1267.photobu...ekscomp2ffb.jpg

http://s1267.photobu...ekscomp2ffa.jpg

http://s1267.photobu...comp2chrome.jpg

Computer 2 is also redirecting photobucket to the "google-analytics" thing.

Rebooted Computer 1 at 7:52 pm. Regrun Reanimator began running upon startup. I stopped it since it's a program I did NOT download (though it looks like it came with HijackMe).

As of 8:05 PM Computer 1 is blocking access to photobucket as well. It blocks slooh.com too.

8:32 Photobucket is accessible.

8:37 this is what I get when I try to access geekstogo.com's forums (and my thread) in IE

http://s1267.photobu...=comp1g2gie.jpg

~~~~~~~~~~~~~~~~~~

Edit 6/5

Facebook is redirecting me now.

http://s1267.photobu...edirect65ff.jpg

~~~~~~~~~~~~~~~~~~~~

Edit 6/6

It started again, and it's pretty much blocking me from every site I want to go to.
Facebook
Google
Yahoo! News (only when you actually click a story, Yahoo itself pulls up)
DreaminDemon (redirects to what claims to be disqus.com)

Oddly enough, Youtube is actually working.

Edited by BoudiccaGruaim, 06 June 2012 - 08:26 PM.


#6
BoudiccaGruaim

Scans done WHILE the problem was going on. June 7, 2012. 6:30 pm CDT. The problem's been going on for about an hour and a half. Almost every page I try to access on the internet redirects me to some obscure site like the screencaps in my previous posts.

http://s1267.photobu...econsumed/bleh/

Thanks.


~~~~~~~~~~~~~~~~
TDSS Killer

18:34:50.0449 3200 RasPppoe - ok
18:34:50.0466 3200 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
18:34:50.0485 3200 RasSstp - ok
18:34:50.0527 3200 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
18:34:50.0546 3200 rdbss - ok
18:34:50.0566 3200 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:34:50.0606 3200 RDPCDD - ok
18:34:50.0635 3200 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
18:34:50.0675 3200 rdpdr - ok
18:34:50.0681 3200 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
18:34:50.0703 3200 RDPENCDD - ok
18:34:50.0764 3200 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
18:34:50.0820 3200 RDPWD - ok
18:34:50.0872 3200 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
18:34:50.0906 3200 RemoteAccess - ok
18:34:50.0942 3200 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
18:34:50.0973 3200 RemoteRegistry - ok
18:34:50.0996 3200 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
18:34:51.0037 3200 RpcLocator - ok
18:34:51.0120 3200 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\System32\rpcss.dll
18:34:51.0145 3200 RpcSs - ok
18:34:51.0156 3200 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
18:34:51.0191 3200 rspndr - ok
18:34:51.0250 3200 RzSynapse (f68bdfab9dc5e516ae38bb64116e6c52) C:\Windows\system32\DRIVERS\RzSynapse.sys
18:34:51.0282 3200 RzSynapse - ok
18:34:51.0299 3200 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
18:34:51.0312 3200 SamSs - ok
18:34:51.0348 3200 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
18:34:51.0359 3200 sbp2port - ok
18:34:51.0406 3200 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
18:34:51.0430 3200 SCardSvr - ok
18:34:51.0489 3200 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
18:34:51.0598 3200 Schedule - ok
18:34:51.0663 3200 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
18:34:51.0682 3200 SCPolicySvc - ok
18:34:51.0732 3200 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
18:34:51.0770 3200 SDRSVC - ok
18:34:51.0776 3200 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
18:34:51.0822 3200 secdrv - ok
18:34:51.0854 3200 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
18:34:51.0878 3200 seclogon - ok
18:34:51.0919 3200 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
18:34:51.0944 3200 SENS - ok
18:34:51.0959 3200 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
18:34:52.0010 3200 Serenum - ok
18:34:52.0026 3200 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
18:34:52.0073 3200 Serial - ok
18:34:52.0105 3200 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
18:34:52.0126 3200 sermouse - ok
18:34:52.0167 3200 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
18:34:52.0190 3200 SessionEnv - ok
18:34:52.0207 3200 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
18:34:52.0245 3200 sffdisk - ok
18:34:52.0258 3200 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
18:34:52.0296 3200 sffp_mmc - ok
18:34:52.0307 3200 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
18:34:52.0345 3200 sffp_sd - ok
18:34:52.0358 3200 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
18:34:52.0404 3200 sfloppy - ok
18:34:52.0456 3200 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
18:34:52.0501 3200 SharedAccess - ok
18:34:52.0543 3200 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
18:34:52.0572 3200 ShellHWDetection - ok
18:34:52.0582 3200 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
18:34:52.0593 3200 sisagp - ok
18:34:52.0606 3200 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
18:34:52.0618 3200 SiSRaid2 - ok
18:34:52.0628 3200 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
18:34:52.0641 3200 SiSRaid4 - ok
18:34:52.0773 3200 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
18:34:52.0950 3200 slsvc - ok
18:34:53.0068 3200 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
18:34:53.0087 3200 SLUINotify - ok
18:34:53.0154 3200 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
18:34:53.0185 3200 Smb - ok
18:34:53.0217 3200 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
18:34:53.0229 3200 SNMPTRAP - ok
18:34:53.0268 3200 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
18:34:53.0280 3200 spldr - ok
18:34:53.0324 3200 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
18:34:53.0362 3200 Spooler - ok
18:34:53.0409 3200 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
18:34:53.0450 3200 srv - ok
18:34:53.0479 3200 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
18:34:53.0516 3200 srv2 - ok
18:34:53.0560 3200 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
18:34:53.0595 3200 srvnet - ok
18:34:53.0623 3200 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
18:34:53.0650 3200 SSDPSRV - ok
18:34:53.0682 3200 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
18:34:53.0695 3200 SstpSvc - ok
18:34:53.0741 3200 STacSV (b218068eba6f46f102b4218bdb81be0b) C:\Windows\system32\STacSV.exe
18:34:53.0791 3200 STacSV - ok
18:34:54.0062 3200 Steam Client Service - ok
18:34:54.0195 3200 Stereo Service (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:34:54.0220 3200 Stereo Service - ok
18:34:54.0280 3200 STHDA (167909a1c36aa3e8f2582962f0ccc748) C:\Windows\system32\drivers\stwrt.sys
18:34:54.0307 3200 STHDA - ok
18:34:54.0371 3200 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
18:34:54.0440 3200 stisvc - ok
18:34:54.0477 3200 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
18:34:54.0488 3200 swenum - ok
18:34:54.0541 3200 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
18:34:54.0575 3200 swprv - ok
18:34:54.0597 3200 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
18:34:54.0608 3200 Symc8xx - ok
18:34:54.0615 3200 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
18:34:54.0625 3200 Sym_hi - ok
18:34:54.0634 3200 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
18:34:54.0645 3200 Sym_u3 - ok
18:34:54.0674 3200 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
18:34:54.0722 3200 SysMain - ok
18:34:54.0784 3200 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
18:34:54.0800 3200 TabletInputService - ok
18:34:54.0840 3200 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
18:34:54.0872 3200 TapiSrv - ok
18:34:54.0911 3200 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
18:34:54.0942 3200 TBS - ok
18:34:55.0000 3200 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
18:34:55.0027 3200 Tcpip - ok
18:34:55.0035 3200 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
18:34:55.0063 3200 Tcpip6 - ok
18:34:55.0126 3200 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
18:34:55.0142 3200 tcpipreg - ok
18:34:55.0186 3200 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
18:34:55.0207 3200 TDPIPE - ok
18:34:55.0217 3200 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
18:34:55.0238 3200 TDTCP - ok
18:34:55.0278 3200 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
18:34:55.0303 3200 tdx - ok
18:34:55.0321 3200 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
18:34:55.0333 3200 TermDD - ok
18:34:55.0406 3200 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
18:34:55.0472 3200 TermService - ok
18:34:55.0517 3200 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
18:34:55.0532 3200 Themes - ok
18:34:55.0575 3200 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
18:34:55.0597 3200 THREADORDER - ok
18:34:55.0639 3200 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
18:34:55.0662 3200 TrkWks - ok
18:34:55.0727 3200 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
18:34:55.0752 3200 TrustedInstaller - ok
18:34:55.0764 3200 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:34:55.0785 3200 tssecsrv - ok
18:34:55.0804 3200 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
18:34:55.0834 3200 tunmp - ok
18:34:55.0855 3200 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
18:34:55.0886 3200 tunnel - ok
18:34:55.0908 3200 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
18:34:55.0920 3200 uagp35 - ok
18:34:55.0964 3200 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
18:34:55.0986 3200 udfs - ok
18:34:56.0006 3200 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
18:34:56.0029 3200 UI0Detect - ok
18:34:56.0043 3200 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
18:34:56.0054 3200 uliagpkx - ok
18:34:56.0073 3200 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
18:34:56.0086 3200 uliahci - ok
18:34:56.0098 3200 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
18:34:56.0110 3200 UlSata - ok
18:34:56.0120 3200 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
18:34:56.0132 3200 ulsata2 - ok
18:34:56.0168 3200 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
18:34:56.0202 3200 umbus - ok
18:34:56.0246 3200 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
18:34:56.0281 3200 upnphost - ok
18:34:56.0322 3200 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
18:34:56.0353 3200 usbccgp - ok
18:34:56.0372 3200 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
18:34:56.0409 3200 usbcir - ok
18:34:56.0444 3200 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
18:34:56.0471 3200 usbehci - ok
18:34:56.0486 3200 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
18:34:56.0521 3200 usbhub - ok
18:34:56.0537 3200 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
18:34:56.0581 3200 usbohci - ok
18:34:56.0603 3200 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
18:34:56.0640 3200 usbprint - ok
18:34:56.0656 3200 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:34:56.0688 3200 USBSTOR - ok
18:34:56.0724 3200 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
18:34:56.0749 3200 usbuhci - ok
18:34:56.0789 3200 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
18:34:56.0822 3200 UxSms - ok
18:34:56.0846 3200 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
18:34:56.0916 3200 vds - ok
18:34:56.0952 3200 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
18:34:56.0984 3200 vga - ok
18:34:57.0032 3200 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
18:34:57.0067 3200 VgaSave - ok
18:34:57.0088 3200 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
18:34:57.0099 3200 viaagp - ok
18:34:57.0113 3200 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
18:34:57.0150 3200 ViaC7 - ok
18:34:57.0172 3200 viaide (58c8d5ac5c3eef40e7e704a5ced7987d) C:\Windows\system32\drivers\viaide.sys
18:34:57.0183 3200 viaide - ok
18:34:57.0235 3200 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
18:34:57.0247 3200 volmgr - ok
18:34:57.0296 3200 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
18:34:57.0311 3200 volmgrx - ok
18:34:57.0329 3200 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
18:34:57.0345 3200 volsnap - ok
18:34:57.0358 3200 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
18:34:57.0370 3200 vsmraid - ok
18:34:57.0409 3200 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
18:34:57.0487 3200 VSS - ok
18:34:57.0544 3200 VSTHWBS2 (c466021d31ff6c0a6069d12299d80c0b) C:\Windows\system32\DRIVERS\VSTBS23.SYS
18:34:57.0580 3200 VSTHWBS2 - ok
18:34:57.0620 3200 VST_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
18:34:57.0656 3200 VST_DPV - ok
18:34:57.0705 3200 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
18:34:57.0726 3200 W32Time - ok
18:34:57.0745 3200 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
18:34:57.0782 3200 WacomPen - ok
18:34:57.0829 3200 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
18:34:57.0847 3200 Wanarp - ok
18:34:57.0849 3200 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
18:34:57.0866 3200 Wanarpv6 - ok
18:34:57.0888 3200 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
18:34:57.0915 3200 wcncsvc - ok
18:34:57.0950 3200 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
18:34:57.0970 3200 WcsPlugInService - ok
18:34:57.0980 3200 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
18:34:57.0991 3200 Wd - ok
18:34:58.0038 3200 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
18:34:58.0067 3200 Wdf01000 - ok
18:34:58.0135 3200 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
18:34:58.0171 3200 WdiServiceHost - ok
18:34:58.0174 3200 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
18:34:58.0197 3200 WdiSystemHost - ok
18:34:58.0242 3200 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
18:34:58.0258 3200 WebClient - ok
18:34:58.0300 3200 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
18:34:58.0324 3200 Wecsvc - ok
18:34:58.0336 3200 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
18:34:58.0355 3200 wercplsupport - ok
18:34:58.0370 3200 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
18:34:58.0390 3200 WerSvc - ok
18:34:58.0426 3200 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
18:34:58.0483 3200 winachsf - ok
18:34:58.0564 3200 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
18:34:58.0593 3200 WinDefend - ok
18:34:58.0597 3200 WinHttpAutoProxySvc - ok
18:34:58.0660 3200 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
18:34:58.0683 3200 Winmgmt - ok
18:34:58.0763 3200 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
18:34:58.0839 3200 WinRM - ok
18:34:58.0891 3200 WinUsb (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\WinUSB.SYS
18:34:58.0922 3200 WinUsb - ok
18:34:59.0007 3200 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
18:34:59.0087 3200 Wlansvc - ok
18:34:59.0106 3200 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
18:34:59.0143 3200 WmiAcpi - ok
18:34:59.0209 3200 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
18:34:59.0248 3200 wmiApSrv - ok
18:34:59.0352 3200 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
18:34:59.0400 3200 WMPNetworkSvc - ok
18:34:59.0445 3200 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
18:34:59.0484 3200 WPCSvc - ok
18:34:59.0548 3200 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
18:34:59.0584 3200 WPDBusEnum - ok
18:34:59.0722 3200 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:34:59.0774 3200 WPFFontCache_v0400 - ok
18:34:59.0859 3200 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
18:34:59.0881 3200 ws2ifsl - ok
18:34:59.0919 3200 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
18:34:59.0949 3200 wscsvc - ok
18:34:59.0952 3200 WSearch - ok
18:35:00.0053 3200 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
18:35:00.0124 3200 wuauserv - ok
18:35:00.0236 3200 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:35:00.0258 3200 WUDFRd - ok
18:35:00.0270 3200 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
18:35:00.0313 3200 wudfsvc - ok
18:35:00.0340 3200 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
18:35:00.0557 3200 \Device\Harddisk0\DR0 - ok
18:35:00.0565 3200 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
18:35:00.0657 3200 \Device\Harddisk1\DR1 - ok
18:35:00.0683 3200 Boot (0x1200) (dba330521c7fe216d64bf7f95dc82e04) \Device\Harddisk0\DR0\Partition0
18:35:00.0684 3200 \Device\Harddisk0\DR0\Partition0 - ok
18:35:00.0686 3200 Boot (0x1200) (b2c3084d80196d6b9224161db67d8ac2) \Device\Harddisk0\DR0\Partition1
18:35:00.0688 3200 \Device\Harddisk0\DR0\Partition1 - ok
18:35:00.0691 3200 Boot (0x1200) (b28522543f61a615c50796e4acce3d9b) \Device\Harddisk1\DR1\Partition0
18:35:00.0692 3200 \Device\Harddisk1\DR1\Partition0 - ok
18:35:00.0692 3200 ============================================================
18:35:00.0692 3200 Scan finished
18:35:00.0692 3200 ============================================================
18:35:00.0701 5836 Detected object count: 0
18:35:00.0701 5836 Actual detected object count: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aswMBR stopped working an hour into it the first time.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ComboFix 8:30 pm June 7, 12

ComboFix 12-06-07.04 - Owner 06/07/2012 20:36:46.2.4 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3069.1781 [GMT -5:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-05-08 to 2012-06-08 )))))))))))))))))))))))))))))))
.
.
2012-06-08 01:44 . 2012-06-08 01:44 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-06-08 01:44 . 2012-06-08 01:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-31 18:42 . 2012-05-31 18:42 388096 ----a-r- c:\users\Owner\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-05-31 18:42 . 2012-05-31 18:42 -------- d-----w- c:\program files\Trend Micro
2012-05-31 01:56 . 2012-06-08 01:44 -------- d-----w- c:\programdata\RegRun
2012-05-31 01:56 . 2012-05-31 01:56 39184 ----a-w- c:\windows\system32\Partizan.exe
2012-05-31 01:56 . 2012-05-31 01:56 35816 ----a-w- c:\windows\system32\drivers\Partizan.sys
2012-05-31 01:56 . 2012-05-31 01:56 2 --shatr- c:\windows\winstart.bat
2012-05-31 01:56 . 2012-05-04 18:17 12800 ----a-w- c:\windows\system32\drivers\UnHackMeDrv.sys
2012-05-31 01:56 . 2012-06-05 00:54 -------- d-----w- c:\program files\UnHackMe
2012-05-23 04:10 . 2012-05-23 04:10 -------- d-----w- c:\program files\CCleaner
2012-05-09 15:48 . 2012-05-09 15:48 -------- d-----w- C:\$AVG
2012-05-09 15:48 . 2012-05-09 15:48 -------- d-----w- c:\users\Owner\AppData\Roaming\AVG2012
2012-05-09 15:47 . 2012-05-09 16:07 -------- d-----w- c:\programdata\AVG2012
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-19 09:50 . 2012-04-19 09:50 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2012-04-04 20:56 . 2012-03-22 02:05 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-03 08:16 . 2012-05-08 22:11 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-03 08:16 . 2012-05-08 22:11 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-02 13:36 . 2012-05-08 22:11 2044928 ----a-w- c:\windows\system32\win32k.sys
2012-03-30 12:39 . 2012-05-08 22:18 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-03-20 23:28 . 2012-05-08 22:18 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-03-19 10:17 . 2012-03-19 10:17 301248 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2012-05-04 14:34 . 2012-02-06 01:12 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Steam"="c:\program files\Steam\Steam.exe" [2012-03-13 1242448]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-09-12 405504]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Razer Anansi Driver"="c:\program files\Razer\Anansi\RazerAnansiSysTray.exe" [2011-10-17 939416]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"PivotSoftware"="c:\program files\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe" [2010-05-13 110192]
"DT ACR"="c:\program files\Common Files\Portrait Displays\Shared\DT_startup.exe" [2010-06-30 121456]
.
c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart\0Partizan\0
.
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 97449774
*Deregistered* - 97449774
*Deregistered* - aswMBR
*Deregistered* - Partizan
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2145506375-2984372104-633398988-1000Core.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-06 11:22]
.
2012-06-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2145506375-2984372104-633398988-1000UA.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-06 11:22]
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 192.168.3.1
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\9ofhl484.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/|http://missouriwestern.edu/
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-07 20:44
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2145506375-2984372104-633398988-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*œ̃u.W“Y™MÂ]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-2145506375-2984372104-633398988-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*œ̃u.W“Y™MÂ\OpenWithList]
@Class="Shell"
"a"="Corel PaintShop Pro.exe"
"MRUList"="a"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2012-06-07 20:46:46
ComboFix-quarantined-files.txt 2012-06-08 01:46
ComboFix2.txt 2012-06-04 21:01
.
Pre-Run: 258,262,614,016 bytes free
Post-Run: 258,357,481,472 bytes free
.
- - End Of File - - F48626A43349A72C26CC58E774E920D3


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

HiJackThis 8:50 pm 6/7/12

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:50:34 PM, on 6/7/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Acer Display\eDisplay Management\DTHtml.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Portrait Displays\Pivot Pro Plugin\wpctrl.exe
C:\Program Files\Portrait Displays\Pivot Pro Plugin\floater.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\notepad.exe
C:\Windows\Explorer.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Razer Anansi Driver] C:\Program Files\Razer\Anansi\RazerAnansiSysTray.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe" -delay=10
O4 - HKLM\..\Run: [DT ACR] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe -ACR
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 6256 bytes


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

UnHackMe / RegRun Reanimator 8:53 pm 6/7/12

SpyHolesList Version:8.1 Build:6.9.7.98
07.06.2012 8:53:36 PM
WinDir=C:\Windows
Startup=C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Common Startup=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Windows Vista ™ Home Premium Service Pack 2 (6.0.6002)
Internet Explorer 9.0.8112.16421
[Internet Explorer]
[Default Home Page] :HKLM Default_Page_URL=http://go.microsoft.com/fwlink/?LinkId=69157
[Current Home Page] :HKCU Start Page=http://go.microsoft.com/fwlink/?LinkId=69157
[Current Home Page] :HKCU HOMEOldSP=""
[Search URL Template] :HKLM 1=www.%s.com
[Search URL Template] :HKLM 2=www.%s.org
[Search URL Template] :HKLM 3=www.%s.net
[Search URL Template] :HKLM 4=www.%s.edu
[All Users Search] :HKLM Default_Search_URL=http://go.microsoft.com/fwlink/?LinkId=54896
[All Users Search] :HKLM Search Page=http://go.microsoft.com/fwlink/?LinkId=54896
[Current Users Search] :HKCU Search Page=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
[Current Users Search] :HKCU Search Bar=""
[IE Local Blank Page] :HKCU Local Page=C:\Windows\system32\blank.htm
[IE Local Blank Page] :HKLM Local Page=C:\Windows\System32\blank.htm
[Browser Helper Objects] {18DF081C-E8AD-4283-A596-FA578C2EBDC3}=C:\PROGRAM FILES\COMMON FILES\ADOBE\ACROBAT\ACTIVEX\ACROIEHELPERSHIM.DLL
[Browser Helper Objects] {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}=C:\PROGRAM FILES\COMMON FILES\ADOBE\ACROBAT\ACTIVEX\ACROIEHELPERSHIM.DLL
[Browser Helper Objects] {326E768D-4182-46FD-9C16-1449A49795F4}=C:\PROGRAM FILES\COMMON FILES\ADOBE\ACROBAT\ACTIVEX\ACROIEHELPERSHIM.DLL
[Browser Helper Objects] {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}=C:\PROGRAM FILES\COMMON FILES\ADOBE\ACROBAT\ACTIVEX\ACROIEHELPERSHIM.DLL
[Browser Helper Objects] {DBC80044-A445-435b-BC74-9C25C1C588A9}=C:\PROGRAM FILES\COMMON FILES\ADOBE\ACROBAT\ACTIVEX\ACROIEHELPERSHIM.DLL
[Auto Search URL] :HKCU provider=""
[Auto Search URL] :HKCU "Default Value"=""
[Search Assistant] :HKCU SearchAssistant=""
[Search Assistant] :HKLM SearchAssistant=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
[Search Assistant] :HKCU CustomizeSearch=""
[Search Assistant] :HKLM CustomizeSearch=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
[CustomizeSearch] :HKLM CustomizeSearch=""
[URLSearchHook] :HKCU {CFBFAE00-17A6-11D0-99CB-00C04FD64497}=C:\WINDOWS\SYSTEM32\IEFRAME.DLL
[Default Prefix] :HKLM "Default Value"=http://
[URL Default Prefixes] :HKLM ftp=ftp://
[URL Default Prefixes] :HKLM home=http://
[URL Default Prefixes] :HKLM mosaic=http://
[URL Default Prefixes] :HKLM www=http://
[URL Default Prefixes] :HKLM gopher=gopher://
[AboutURLs] :HKLM NoAdd-ons=res://ieframe.dll/noaddon.htm
[AboutURLs] :HKLM NoAdd-onsInfo=res://ieframe.dll/noaddoninfo.htm
[AboutURLs] :HKLM SecurityRisk=res://ieframe.dll/securityatrisk.htm
[AboutURLs] :HKLM NavigationFailure=res://ieframe.dll/navcancl.htm
[AboutURLs] :HKLM DesktopItemNavigationFailure=res://ieframe.dll/navcancl.htm
[AboutURLs] :HKLM NavigationCanceled=res://ieframe.dll/navcancl.htm
[AboutURLs] :HKLM OfflineInformation=res://ieframe.dll/offcancl.htm
[AboutURLs] :HKLM Home=270
[AboutURLs] :HKLM blank=res://mshtml.dll/blank.htm
[AboutURLs] :HKLM PostNotCached=res://ieframe.dll/repost.htm
[AboutURLs] :HKLM InPrivate=res://ieframe.dll/inprivate.htm
[User Style Sheet] :HKCU User Stylesheet=""
[User Style Sheet] :HKUS User Stylesheet=""
[User Style Sheet] :HKCU Use My Stylesheet=0
[User Style Sheet] :HKUS Use My Stylesheet=0
[Execute unsigned ActiveX in My Computer Zone] :HKCU 1201=1
[Execute unsigned ActiveX in My Computer Zone] :HKLM 1201=1
[Execute unsigned ActiveX in Local Intranet Zone] :HKCU 1201=3
[Execute unsigned ActiveX in Local Intranet Zone] :HKLM 1201=3
[Execute unsigned ActiveX in Internet Zone] :HKCU 1201=3
[Execute unsigned ActiveX in Internet Zone] :HKLM 1201=3
[Links Toolbar] :HKCU LinksFolderName=""
[IE Extensions - All Users] :HKLM {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16}
[AutoConfigURL] :HKCU AutoConfigURL=""
[Proxy] :HKCU ProxyServer=""
[Proxy] :HKCU ProxyEnable=0
[Network Settings]
[Hosts File Path] :HKLM DataBasePath=%SystemRoot%\System32\drivers\etc
[Hosts File Contents] :HKLM 127.0.0.1 localhost
[Hosts File Contents] :HKLM ::1 localhost
[Browsers]
[Installed Browsers] FIREFOX.EXE=C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE
[Installed Browsers] IEXPLORE.EXE=C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
[FireFox Settings] :HKLM browser.startup.homepage=http://www.facebook.com/|http://missouriwestern.edu/
[FireFox Settings] :HKLM network.proxy.http=""
[FireFox Settings] :HKLM network.proxy.http_port=""
[FireFox Settings] :HKLM browser.search.selectedEngine=bing
[FireFox Settings] :HKLM keyword.URL=""
[FireFox Settings] :HKLM network.proxy.autoconfig_url=""
[Network Settings]
[Domain Name] :HKLM Domain=""
[Name Server] {D38FC0F2-8E84-40B6-8A2E-CC5EA5127C67}=192.168.3.1
[WinSock2 Components] :HKLM NLAapi.dll=C:\WINDOWS\SYSTEM32\NLAAPI.DLL
[WinSock2 Components] :HKLM napinsp.dll=C:\WINDOWS\SYSTEM32\NAPINSP.DLL
[WinSock2 Components] :HKLM pnrpnsp.dll=C:\WINDOWS\SYSTEM32\PNRPNSP.DLL
[WinSock2 Components] :HKLM mswsock.dll=C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
[WinSock2 Components] :HKLM winrnr.dll=C:\WINDOWS\SYSTEM32\WINRNR.DLL
[Windows Shell]
[Display Scrap's Extensions] :HKLM NeverShowExt=""
[ScreenSaver] :HKCU SCRNSAVE.EXE=C:\WINDOWS\SYSTEM32\AURORA.SCR
[System.ini] shell=Explorer.exe
[User Shell] :HKCU shell=""
[Main File Extensions] :HKLM .exe="%1" %*
[Main File Extensions] :HKLM .com="%1" %*
[Main File Extensions] :HKLM .pif="%1" %*
[Main File Extensions] :HKLM .bat="%1" %*
[Main File Extensions] :HKLM .cmd="%1" %*
[Main File Extensions] :HKLM .scr="%1" /S
[Main File Extensions] :HKLM .txt=%SystemRoot%\system32\NOTEPAD.EXE %1
[Main File Extensions] :HKLM .reg=regedit.exe "%1"
[Main File Extensions] :HKLM .inf=%SystemRoot%\System32\NOTEPAD.EXE %1
[Main File Extensions] :HKLM .ini=%SystemRoot%\system32\NOTEPAD.EXE %1
[Main File Extensions] :HKLM .js=%SystemRoot%\System32\WScript.exe "%1" %*
[Main File Extensions] :HKLM .vbs=%SystemRoot%\System32\WScript.exe "%1" %*
[Main File Extensions] :HKLM .vbe=%SystemRoot%\System32\WScript.exe "%1" %*
[Main File Extensions] :HKLM .msc=%SystemRoot%\system32\mmc.exe "%1" %*
[Main File Extensions] :HKLM .jpg=%SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Gallery\PhotoViewer.dll", ImageView_Fullscreen %1
[Main File Extensions] :HKLM .jpeg=%SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Gallery\PhotoViewer.dll", ImageView_Fullscreen %1
[UserInit Value] :HKLM UserInit=C:\Windows\system32\userinit.exe,
[Shell Services DelayLoad] :HKLM WebCheck=C:\WINDOWS\SYSTEM32\WEBCHECK.DLL
[System Shell Policies] :HKCU shell=""
[System Shell Policies] :HKLM shell=""
[System Shell Policies] :HKCU run=""
[System Shell Policies] :HKLM run=""
[App Paths] :HKLM AcroRd32.exe=C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
[App Paths] :HKLM AnansiConfig.exe=C:\Program Files\Razer\Anansi\
[App Paths] :HKLM AVGSE.DLL=C:\PROGRA~1\AVG\AVG2012\avgse.dll
[App Paths] :HKLM ccleaner.exe=C:\Program Files\CCleaner\CCleaner.exe
[App Paths] :HKLM cmmgr32.exe
[App Paths] :HKLM combofix.exe=C:\Users\Owner\Desktop\ComboFix.exe
[App Paths] :HKLM Corel PaintShop Pro.exe=c:\Program Files\Corel\Corel PaintShop Pro X4\Corel PaintShop Pro.exe
[App Paths] :HKLM dvdmaker.exe=%ProgramFiles%\Movie Maker\dvdmaker.exe
[App Paths] :HKLM firefox.exe=C:\Program Files\Mozilla Firefox\firefox.exe
[App Paths] :HKLM HijackThis.exe=C:\Users\Owner\Desktop\hijackthis.exe
[App Paths] :HKLM IEDIAGCMD.EXE=C:\Program Files\Internet Explorer\IEDIAGCMD.EXE
[App Paths] :HKLM IEXPLORE.EXE=C:\Program Files\Internet Explorer\IEXPLORE.EXE
[App Paths] :HKLM inkball.exe=%ProgramFiles%\Microsoft Games\inkball\inkball.exe
[App Paths] :HKLM install.exe
[App Paths] :HKLM javaws.exe=C:\Program Files\Java\jre6\bin\javaws.exe
[App Paths] :HKLM Journal.exe=%ProgramFiles%\Windows Journal\Journal.exe
[App Paths] :HKLM mbam.exe=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
[App Paths] :HKLM moviemk.exe=%ProgramFiles%\Movie Maker\moviemk.exe
[App Paths] :HKLM mplayer2.exe=%ProgramFiles%\Windows Media Player\wmplayer.exe
[App Paths] :HKLM msimn.exe=%ProgramFiles%\Windows Mail\WinMail.exe
[App Paths] :HKLM pbrush.exe=%SystemRoot%\System32\mspaint.exe
[App Paths] :HKLM PowerShell.exe=%SystemRoot%\system32\WindowsPowerShell\v1.0\PowerShell.exe
[App Paths] :HKLM sbase.exe=C:\Program Files\OpenOffice.org 3\program\sbase.exe
[App Paths] :HKLM scalc.exe=C:\Program Files\OpenOffice.org 3\program\scalc.exe
[App Paths] :HKLM sdraw.exe=C:\Program Files\OpenOffice.org 3\program\sdraw.exe
[App Paths] :HKLM setup.exe
[App Paths] :HKLM sidebar.exe="%ProgramFiles%\Windows Sidebar\sidebar.exe"
[App Paths] :HKLM simpress.exe=C:\Program Files\OpenOffice.org 3\program\simpress.exe
[App Paths] :HKLM smath.exe=C:\Program Files\OpenOffice.org 3\program\smath.exe
[App Paths] :HKLM SnippingTool.exe=C:\Windows\System32\SnippingTool.exe
[App Paths] :HKLM soffice.exe=C:\Program Files\OpenOffice.org 3\program\soffice.exe
[App Paths] :HKLM stikynot.exe=C:\Windows\System32\stikynot.exe
[App Paths] :HKLM swriter.exe=C:\Program Files\OpenOffice.org 3\program\swriter.exe
[App Paths] :HKLM table30.exe
[App Paths] :HKLM TabTip.exe=%CommonProgramFiles%\microsoft shared\ink\TabTip.exe
[App Paths] :HKLM unopkg.exe=C:\Program Files\OpenOffice.org 3\program\unopkg.exe
[App Paths] :HKLM wab.exe=%ProgramFiles%\Windows Mail\wab.exe
[App Paths] :HKLM wabmig.exe=%ProgramFiles%\Windows Mail\wabmig.exe
[App Paths] :HKLM WinCal.exe="%ProgramFiles%\Windows Calendar\wincal.exe"
[App Paths] :HKLM WinMail.exe=%ProgramFiles%\Windows Mail\WinMail.exe
[App Paths] :HKLM wmplayer.exe=%ProgramFiles%\Windows Media Player\wmplayer.exe
[App Paths] :HKLM WORDPAD.EXE=C:\PROGRAM FILES\WINDOWS NT\ACCESSORIES\WORDPAD.EXE
[App Paths] :HKLM WRITE.EXE="%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"
[App Paths] :HKLM XPSViewer.exe="C:\Windows\System32\XPSViewer\XPSViewer.exe"
[Prevents Display in Control Panel from running.] :HKCU NoDispCpl=0
[Disable Registry Tools] :HKCU DisableRegistryTools =0
[SharedTaskScheduler] :HKLM {8C7461EF-2B13-11d2-BE35-3078302C2030}=C:\WINDOWS\SYSTEM32\BROWSEUI.DLL
[Kernel Auto Boot]
[ActiveSetup] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95}=C:\WINDOWS\SYSTEM32\UNREGMP2.EXE
[Svchost DLLs] :HKLM nsi=C:\WINDOWS\SYSTEM32\NSISVC.DLL
[Svchost DLLs] :HKLM lltdsvc=C:\WINDOWS\SYSTEM32\LLTDSVC.DLL
[Svchost DLLs] :HKLM SSDPSRV=C:\WINDOWS\SYSTEM32\SSDPSRV.DLL
[Svchost DLLs] :HKLM upnphost=C:\WINDOWS\SYSTEM32\UPNPHOST.DLL
[Svchost DLLs] :HKLM SCardSvr=C:\WINDOWS\SYSTEM32\SCARDSVR.DLL
[Svchost DLLs] :HKLM w32time=C:\WINDOWS\SYSTEM32\W32TIME.DLL
[Svchost DLLs] :HKLM EventSystem=C:\WINDOWS\SYSTEM32\ES.DLL
[Svchost DLLs] :HKLM RemoteRegistry=C:\WINDOWS\SYSTEM32\REGSVC.DLL
[Svchost DLLs] :HKLM WinHttpAutoProxySvc=C:\Windows\system32\WINHTTP.DLL
[Svchost DLLs] :HKLM lanmanworkstation=C:\WINDOWS\SYSTEM32\WKSSVC.DLL
[Svchost DLLs] :HKLM TBS=C:\WINDOWS\SYSTEM32\TBSSVC.DLL
[Svchost DLLs] :HKLM SLUINotify=C:\WINDOWS\SYSTEM32\SLUINOTIFY.DLL
[Svchost DLLs] :HKLM THREADORDER=C:\WINDOWS\SYSTEM32\MMCSS.DLL
[Svchost DLLs] :HKLM fdrespub=C:\WINDOWS\SYSTEM32\FDRESPUB.DLL
[Svchost DLLs] :HKLM netprofm=C:\WINDOWS\SYSTEM32\NETPROFM.DLL
[Svchost DLLs] :HKLM fdphost=C:\WINDOWS\SYSTEM32\FDPHOST.DLL
[Svchost DLLs] :HKLM wcncsvc=C:\WINDOWS\SYSTEM32\WCNCSVC.DLL
[Svchost DLLs] :HKLM QWAVE=C:\WINDOWS\SYSTEM32\QWAVE.DLL
[Svchost DLLs] :HKLM Mcx2Svc=C:\WINDOWS\SYSTEM32\MCX2SVC.DLL
[Svchost DLLs] :HKLM WebClient=C:\WINDOWS\SYSTEM32\WEBCLNT.DLL
[Svchost DLLs] :HKLM SstpSvc=C:\WINDOWS\SYSTEM32\SSTPSVC.DLL
[Svchost DLLs] :HKLM hidserv=%SystemRoot%\System32\hidserv.dll
[Svchost DLLs] :HKLM UxSms=C:\WINDOWS\SYSTEM32\UXSMS.DLL
[Svchost DLLs] :HKLM WdiSystemHost=C:\WINDOWS\SYSTEM32\WDI.DLL
[Svchost DLLs] :HKLM Netman=C:\WINDOWS\SYSTEM32\NETMAN.DLL
[Svchost DLLs] :HKLM trkwks=C:\WINDOWS\SYSTEM32\TRKWKS.DLL
[Svchost DLLs] :HKLM AudioEndpointBuilder=C:\WINDOWS\SYSTEM32\AUDIOSRV.DLL
[Svchost DLLs] :HKLM WUDFSvc=C:\WINDOWS\SYSTEM32\WUDFSVC.DLL
[Svchost DLLs] :HKLM irmon
[Svchost DLLs] :HKLM sysmain=C:\WINDOWS\SYSTEM32\SYSMAIN.DLL
[Svchost DLLs] :HKLM IPBusEnum=C:\WINDOWS\SYSTEM32\IPBUSENUM.DLL
[Svchost DLLs] :HKLM dot3svc=C:\WINDOWS\SYSTEM32\DOT3SVC.DLL
[Svchost DLLs] :HKLM PcaSvc=C:\WINDOWS\SYSTEM32\PCASVC.DLL
[Svchost DLLs] :HKLM EMDMgmt=C:\WINDOWS\SYSTEM32\EMDMGMT.DLL
[Svchost DLLs] :HKLM TabletInputService=C:\WINDOWS\SYSTEM32\TABSVC.DLL
[Svchost DLLs] :HKLM wlansvc=C:\WINDOWS\SYSTEM32\WLANSVC.DLL
[Svchost DLLs] :HKLM WPDBusEnum=C:\WINDOWS\SYSTEM32\WPDBUSENUM.DLL
[Svchost DLLs] :HKLM PolicyAgent=C:\WINDOWS\SYSTEM32\IPSECSVC.DLL
[Svchost DLLs] :HKLM PLA=C:\WINDOWS\SYSTEM32\PLA.DLL
[Svchost DLLs] :HKLM DPS=C:\WINDOWS\SYSTEM32\DPS.DLL
[Svchost DLLs] :HKLM BFE=C:\WINDOWS\SYSTEM32\BFE.DLL
[Svchost DLLs] :HKLM mpssvc=C:\WINDOWS\SYSTEM32\MPSSVC.DLL
[Svchost DLLs] :HKLM ehstart=C:\WINDOWS\EHOME\EHSTART.DLL
[Svchost DLLs] :HKLM CryptSvc=C:\WINDOWS\SYSTEM32\CRYPTSVC.DLL
[Svchost DLLs] :HKLM DHCP=C:\WINDOWS\SYSTEM32\DHCPCSVC.DLL
[Svchost DLLs] :HKLM TermService=C:\WINDOWS\SYSTEM32\TERMSRV.DLL
[Svchost DLLs] :HKLM KtmRm=C:\WINDOWS\SYSTEM32\MSDTCKRM.DLL
[Svchost DLLs] :HKLM DNSCache=C:\WINDOWS\SYSTEM32\DNSRSLVR.DLL
[Svchost DLLs] :HKLM NapAgent=C:\WINDOWS\SYSTEM32\QAGENTRT.DLL
[Svchost DLLs] :HKLM nlasvc=C:\WINDOWS\SYSTEM32\NLASVC.DLL
[Svchost DLLs] :HKLM WinRM=C:\WINDOWS\SYSTEM32\WSMSVC.DLL
[Svchost DLLs] :HKLM WECSVC=C:\WINDOWS\SYSTEM32\WECSVC.DLL
[Svchost DLLs] :HKLM Tapisrv=C:\WINDOWS\SYSTEM32\TAPISRV.DLL
[Svchost DLLs] :HKLM wersvc=C:\WINDOWS\SYSTEM32\WERSVC.DLL
[Svchost DLLs] :HKLM AeLookupSvc=C:\WINDOWS\SYSTEM32\AELUPSVC.DLL
[Svchost DLLs] :HKLM wercplsupport=C:\WINDOWS\SYSTEM32\WERCPLSUPPORT.DLL
[Svchost DLLs] :HKLM Themes=C:\WINDOWS\SYSTEM32\SHSVCS.DLL
[Svchost DLLs] :HKLM CertPropSvc=C:\WINDOWS\SYSTEM32\CERTPROP.DLL
[Svchost DLLs] :HKLM SCPolicySvc=C:\WINDOWS\SYSTEM32\CERTPROP.DLL
[Svchost DLLs] :HKLM lanmanserver=C:\WINDOWS\SYSTEM32\SRVSVC.DLL
[Svchost DLLs] :HKLM gpsvc=C:\WINDOWS\SYSTEM32\GPSVC.DLL
[Svchost DLLs] :HKLM IKEEXT=C:\WINDOWS\SYSTEM32\IKEEXT.DLL
[Svchost DLLs] :HKLM AudioSrv=C:\WINDOWS\SYSTEM32\AUDIOSRV.DLL
[Svchost DLLs] :HKLM FastUserSwitchingCompatibility
[Svchost DLLs] :HKLM Ias
[Svchost DLLs] :HKLM Nla
[Svchost DLLs] :HKLM Ntmssvc
[Svchost DLLs] :HKLM NWCWorkstation
[Svchost DLLs] :HKLM Nwsapagent
[Svchost DLLs] :HKLM Rasauto=C:\WINDOWS\SYSTEM32\RASAUTO.DLL
[Svchost DLLs] :HKLM Rasman=C:\WINDOWS\SYSTEM32\RASMANS.DLL
[Svchost DLLs] :HKLM Remoteaccess=C:\WINDOWS\SYSTEM32\MPRDIM.DLL
[Svchost DLLs] :HKLM SENS=C:\WINDOWS\SYSTEM32\SENS.DLL
[Svchost DLLs] :HKLM Sharedaccess=C:\WINDOWS\SYSTEM32\IPNATHLP.DLL
[Svchost DLLs] :HKLM SRService
[Svchost DLLs] :HKLM Wmi
[Svchost DLLs] :HKLM WmdmPmSp
[Svchost DLLs] :HKLM wuauserv=C:\WINDOWS\SYSTEM32\WUAUENG.DLL
[Svchost DLLs] :HKLM BITS=C:\WINDOWS\SYSTEM32\QMGR.DLL
[Svchost DLLs] :HKLM ShellHWDetection=C:\WINDOWS\SYSTEM32\SHSVCS.DLL
[Svchost DLLs] :HKLM LogonHours
[Svchost DLLs] :HKLM PCAudit
[Svchost DLLs] :HKLM helpsvc
[Svchost DLLs] :HKLM uploadmgr
[Svchost DLLs] :HKLM iphlpsvc=C:\WINDOWS\SYSTEM32\IPHLPSVC.DLL
[Svchost DLLs] :HKLM seclogon=C:\WINDOWS\SYSTEM32\SECLOGON.DLL
[Svchost DLLs] :HKLM AppInfo=C:\WINDOWS\SYSTEM32\APPINFO.DLL
[Svchost DLLs] :HKLM msiscsi=C:\WINDOWS\SYSTEM32\ISCSIEXE.DLL
[Svchost DLLs] :HKLM MMCSS=C:\WINDOWS\SYSTEM32\MMCSS.DLL
[Svchost DLLs] :HKLM ProfSvc=C:\WINDOWS\SYSTEM32\PROFSVC.DLL
[Svchost DLLs] :HKLM EapHost=C:\WINDOWS\SYSTEM32\EAPSVC.DLL
[Svchost DLLs] :HKLM winmgmt=C:\WINDOWS\SYSTEM32\WBEM\WMISVC.DLL
[Svchost DLLs] :HKLM schedule=C:\WINDOWS\SYSTEM32\SCHEDSVC.DLL
[Svchost DLLs] :HKLM SessionEnv=C:\WINDOWS\SYSTEM32\SESSENV.DLL
[Svchost DLLs] :HKLM browser=C:\WINDOWS\SYSTEM32\BROWSER.DLL
[Svchost DLLs] :HKLM hkmsvc=C:\WINDOWS\SYSTEM32\KMSVC.DLL
[Svchost DLLs] :HKLM swprv=C:\WINDOWS\SYSTEM32\SWPRV.DLL
[Svchost DLLs] :HKLM eventlog
[Svchost DLLs] :HKLM LmHosts=C:\WINDOWS\SYSTEM32\LMHSVC.DLL
[Svchost DLLs] :HKLM wscsvc=C:\WINDOWS\SYSTEM32\WSCSVC.DLL
[Svchost DLLs] :HKLM p2pimsvc=C:\WINDOWS\SYSTEM32\P2PSVC.DLL
[Svchost DLLs] :HKLM PNRPSvc=C:\WINDOWS\SYSTEM32\P2PSVC.DLL
[Svchost DLLs] :HKLM p2psvc=C:\WINDOWS\SYSTEM32\P2PSVC.DLL
[Svchost DLLs] :HKLM WPCSvc=C:\WINDOWS\SYSTEM32\WPCSVC.DLL
[Svchost DLLs] :HKLM PnrpAutoReg=C:\WINDOWS\SYSTEM32\P2PSVC.DLL
[Svchost DLLs] :HKLM RpcSs=C:\WINDOWS\SYSTEM32\RPCSS.DLL
[Svchost DLLs] :HKLM WcsPlugInService=C:\WINDOWS\SYSTEM32\WCSPLUGINSERVICE.DLL
[Svchost DLLs] :HKLM PlugPlay=C:\WINDOWS\SYSTEM32\UMPNPMGR.DLL
[Svchost DLLs] :HKLM DcomLaunch=C:\WINDOWS\SYSTEM32\RPCSS.DLL
[Svchost DLLs] :HKLM WdiServiceHost=C:\WINDOWS\SYSTEM32\WDI.DLL
[Svchost DLLs] :HKLM sdrsvc=C:\WINDOWS\SYSTEM32\SDRSVC.DLL
[Svchost DLLs] :HKLM StiSvc=C:\WINDOWS\SYSTEM32\WIASERVC.DLL
[Svchost DLLs] :HKLM WinDefend=C:\PROGRAM FILES\WINDOWS DEFENDER\MPSVC.DLL
[Svchost DLLs] :HKLM FontCache=C:\WINDOWS\SYSTEM32\FNTCACHE.DLL
[Svchost DLLs] :HKLM AppMgmt=%SystemRoot%\System32\appmgmts.dll
[Bootexecute] :HKLM BootExecute=autocheck autochk *
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart
Partizan
[Winlogon System] :HKLM system=""
[Winlogon System] :HKLM taskman=""
[Winlogon System] :HKLM UIHost=""
[Winlogon Autostart] :HKLM VmApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
[Winlogon Autostart] :HKLM AppSetup=""
[Environment - Path] :HKLM Path=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0
[List of Injected DLLs] :HKLM AppInit_DLLs=""
[LSA Notification Packages] :HKLM scecli=C:\Windows\system32\SCECLI.DLL
[LSA Security Packages] :HKLM kerberos=C:\Windows\system32\KERBEROS.DLL
[LSA Security Packages] :HKLM msv1_0=C:\Windows\system32\MSV1_0.DLL
[LSA Security Packages] :HKLM schannel=C:\Windows\system32\SCHANNEL.DLL
[LSA Security Packages] :HKLM wdigest=C:\Windows\system32\WDIGEST.DLL
[LSA Security Packages] :HKLM tspkg=C:\Windows\system32\TSPKG.DLL
[Auto Services] AdobeARMservice
[Auto Services] AeLookupSvc
[Auto Services] Ati External Event Utility
[Auto Services] AudioEndpointBuilder
[Auto Services] Audiosrv
[Auto Services] AVGIDSAgent
[Auto Services] avgwd
[Auto Services] BFE
[Auto Services] BITS
[Auto Services] Browser
[Auto Services] clr_optimization_v4.0.30319_32
[Auto Services] CryptSvc
[Auto Services] DcomLaunch
[Auto Services] Dhcp
[Auto Services] Dnscache
[Auto Services] DPS
[Auto Services] DTSRVC
[Auto Services] ehstart
[Auto Services] EMDMgmt
[Auto Services] Eventlog
[Auto Services] EventSystem
[Auto Services] FDResPub
[Auto Services] FontCache
[Auto Services] gpsvc
[Auto Services] hidserv
[Auto Services] IKEEXT
[Auto Services] iphlpsvc
[Auto Services] KtmRm
[Auto Services] LanmanServer
[Auto Services] LanmanWorkstation
[Auto Services] lmhosts
[Auto Services] MBAMService
[Auto Services] MMCSS
[Auto Services] MpsSvc
[Auto Services] netprofm
[Auto Services] NlaSvc
[Auto Services] nsi
[Auto Services] nvsvc
[Auto Services] nvUpdatusService
[Auto Services] PcaSvc
[Auto Services] PdiService
[Auto Services] PlugPlay
[Auto Services] PolicyAgent
[Auto Services] ProfSvc
[Auto Services] PSI_SVC_2
[Auto Services] RpcSs
[Auto Services] SamSs
[Auto Services] Schedule
[Auto Services] seclogon
[Auto Services] SENS
[Auto Services] SharedAccess
[Auto Services] ShellHWDetection
[Auto Services] slsvc
[Auto Services] Spooler
[Auto Services] STacSV
[Auto Services] Stereo Service
[Auto Services] stisvc
[Auto Services] SysMain
[Auto Services] TabletInputService
[Auto Services] TBS
[Auto Services] TermService
[Auto Services] Themes
[Auto Services] TrkWks
[Auto Services] upnphost
[Auto Services] UxSms
[Auto Services] W32Time
[Auto Services] WebClient
[Auto Services] WerSvc
[Auto Services] Winmgmt
[Auto Services] WPDBusEnum
[Auto Services] wscsvc
[Auto Services] WSearch
[Auto Services] wuauserv
[Auto Services] wudfsvc
[Drivers] ntkrnlpa.exe=C:\Windows\SYSTEM32\NTKRNLPA.EXE
[Drivers] hal.dll=C:\Windows\SYSTEM32\HAL.DLL
[Drivers] kdcom.dll=C:\Windows\SYSTEM32\KDCOM.DLL
[Drivers] mcupdate_GenuineIntel.dll=C:\Windows\SYSTEM32\MCUPDATE_GENUINEINTEL.DLL
[Drivers] PSHED.dll=C:\Windows\SYSTEM32\PSHED.DLL
[Drivers] BOOTVID.dll=C:\Windows\SYSTEM32\BOOTVID.DLL
[Drivers] CLFS.SYS=C:\Windows\SYSTEM32\CLFS.SYS
[Drivers] CI.dll=C:\Windows\SYSTEM32\CI.DLL
[Drivers] Wdf01000.sys=C:\Windows\SYSTEM32\DRIVERS\WDF01000.SYS
[Drivers] WDFLDR.SYS=C:\Windows\SYSTEM32\DRIVERS\WDFLDR.SYS
[Drivers] acpi.sys=C:\Windows\SYSTEM32\DRIVERS\ACPI.SYS
[Drivers] WMILIB.SYS=C:\Windows\SYSTEM32\DRIVERS\WMILIB.SYS
[Drivers] Partizan.sys=C:\Windows\SYSTEM32\DRIVERS\PARTIZAN.SYS
[Drivers] msisadrv.sys=C:\Windows\SYSTEM32\DRIVERS\MSISADRV.SYS
[Drivers] pci.sys=C:\Windows\SYSTEM32\DRIVERS\PCI.SYS
[Drivers] partmgr.sys=C:\Windows\SYSTEM32\DRIVERS\PARTMGR.SYS
[Drivers] volmgr.sys=C:\Windows\SYSTEM32\DRIVERS\VOLMGR.SYS
[Drivers] volmgrx.sys=C:\Windows\SYSTEM32\DRIVERS\VOLMGRX.SYS
[Drivers] pciide.sys=C:\Windows\SYSTEM32\DRIVERS\PCIIDE.SYS
[Drivers] PCIIDEX.SYS=C:\Windows\SYSTEM32\DRIVERS\PCIIDEX.SYS
[Drivers] mountmgr.sys=C:\Windows\SYSTEM32\DRIVERS\MOUNTMGR.SYS
[Drivers] atapi.sys=C:\Windows\SYSTEM32\DRIVERS\ATAPI.SYS
[Drivers] ataport.SYS=C:\Windows\SYSTEM32\DRIVERS\ATAPORT.SYS
[Drivers] fltmgr.sys=C:\Windows\SYSTEM32\DRIVERS\FLTMGR.SYS
[Drivers] fileinfo.sys=C:\Windows\SYSTEM32\DRIVERS\FILEINFO.SYS
[Drivers] ksecdd.sys=C:\Windows\SYSTEM32\DRIVERS\KSECDD.SYS
[Drivers] ndis.sys=C:\Windows\SYSTEM32\DRIVERS\NDIS.SYS
[Drivers] msrpc.sys=C:\Windows\SYSTEM32\DRIVERS\MSRPC.SYS
[Drivers] NETIO.SYS=C:\Windows\SYSTEM32\DRIVERS\NETIO.SYS
[Drivers] tcpip.sys=C:\Windows\SYSTEM32\DRIVERS\TCPIP.SYS
[Drivers] fwpkclnt.sys=C:\Windows\SYSTEM32\DRIVERS\FWPKCLNT.SYS
[Drivers] Ntfs.sys=C:\Windows\SYSTEM32\DRIVERS\NTFS.SYS
[Drivers] volsnap.sys=C:\Windows\SYSTEM32\DRIVERS\VOLSNAP.SYS
[Drivers] spldr.sys=C:\Windows\SYSTEM32\DRIVERS\SPLDR.SYS
[Drivers] mup.sys=C:\Windows\SYSTEM32\DRIVERS\MUP.SYS
[Drivers] ecache.sys=C:\Windows\SYSTEM32\DRIVERS\ECACHE.SYS
[Drivers] disk.sys=C:\Windows\SYSTEM32\DRIVERS\DISK.SYS
[Drivers] CLASSPNP.SYS=C:\Windows\SYSTEM32\DRIVERS\CLASSPNP.SYS
[Drivers] crcdisk.sys=C:\Windows\SYSTEM32\DRIVERS\CRCDISK.SYS
[Drivers] avgrkx86.sys=C:\Windows\SYSTEM32\DRIVERS\AVGRKX86.SYS
[Drivers] avgidshx.sys=C:\Windows\SYSTEM32\DRIVERS\AVGIDSHX.SYS
[Drivers] tunnel.sys=C:\Windows\SYSTEM32\DRIVERS\TUNNEL.SYS
[Drivers] tunmp.sys=C:\Windows\SYSTEM32\DRIVERS\TUNMP.SYS
[Drivers] intelppm.sys=C:\Windows\SYSTEM32\DRIVERS\INTELPPM.SYS
[Drivers] nvlddmkm.sys=C:\Windows\SYSTEM32\DRIVERS\NVLDDMKM.SYS
[Drivers] nvBridge.kmd=C:\Windows\SYSTEM32\DRIVERS\NVBRIDGE.KMD
[Drivers] dxgkrnl.sys=C:\Windows\SYSTEM32\DRIVERS\DXGKRNL.SYS
[Drivers] watchdog.sys=C:\Windows\SYSTEM32\DRIVERS\WATCHDOG.SYS
[Drivers] HDAudBus.sys=C:\Windows\SYSTEM32\DRIVERS\HDAUDBUS.SYS
[Drivers] e1e6032.sys=C:\Windows\SYSTEM32\DRIVERS\E1E6032.SYS
[Drivers] usbuhci.sys=C:\Windows\SYSTEM32\DRIVERS\USBUHCI.SYS
[Drivers] USBPORT.SYS=C:\Windows\SYSTEM32\DRIVERS\USBPORT.SYS
[Drivers] usbehci.sys=C:\Windows\SYSTEM32\DRIVERS\USBEHCI.SYS
[Drivers] VSTBS23.SYS=C:\Windows\SYSTEM32\DRIVERS\VSTBS23.SYS
[Drivers] ks.sys=C:\Windows\SYSTEM32\DRIVERS\KS.SYS
[Drivers] VSTDPV3.SYS=C:\Windows\SYSTEM32\DRIVERS\VSTDPV3.SYS
[Drivers] VSTCNXT3.SYS=C:\Windows\SYSTEM32\DRIVERS\VSTCNXT3.SYS
[Drivers] modem.sys=C:\Windows\SYSTEM32\DRIVERS\MODEM.SYS
[Drivers] ohci1394.sys=C:\Windows\SYSTEM32\DRIVERS\OHCI1394.SYS
[Drivers] 1394BUS.SYS=C:\Windows\SYSTEM32\DRIVERS\1394BUS.SYS
[Drivers] cdrom.sys=C:\Windows\SYSTEM32\DRIVERS\CDROM.SYS
[Drivers] msiscsi.sys=C:\Windows\SYSTEM32\DRIVERS\MSISCSI.SYS
[Drivers] storport.sys=C:\Windows\SYSTEM32\DRIVERS\STORPORT.SYS
[Drivers] TDI.SYS=C:\Windows\SYSTEM32\DRIVERS\TDI.SYS
[Drivers] rasl2tp.sys=C:\Windows\SYSTEM32\DRIVERS\RASL2TP.SYS
[Drivers] ndistapi.sys=C:\Windows\SYSTEM32\DRIVERS\NDISTAPI.SYS
[Drivers] ndiswan.sys=C:\Windows\SYSTEM32\DRIVERS\NDISWAN.SYS
[Drivers] raspppoe.sys=C:\Windows\SYSTEM32\DRIVERS\RASPPPOE.SYS
[Drivers] raspptp.sys=C:\Windows\SYSTEM32\DRIVERS\RASPPTP.SYS
[Drivers] rassstp.sys=C:\Windows\SYSTEM32\DRIVERS\RASSSTP.SYS
[Drivers] PdiPorts.sys=C:\Windows\SYSTEM32\DRIVERS\PDIPORTS.SYS
[Drivers] termdd.sys=C:\Windows\SYSTEM32\DRIVERS\TERMDD.SYS
[Drivers] kbdclass.sys=C:\Windows\SYSTEM32\DRIVERS\KBDCLASS.SYS
[Drivers] mouclass.sys=C:\Windows\SYSTEM32\DRIVERS\MOUCLASS.SYS
[Drivers] swenum.sys=C:\Windows\SYSTEM32\DRIVERS\SWENUM.SYS
[Drivers] mssmbios.sys=C:\Windows\SYSTEM32\DRIVERS\MSSMBIOS.SYS
[Drivers] umbus.sys=C:\Windows\SYSTEM32\DRIVERS\UMBUS.SYS
[Drivers] usbhub.sys=C:\Windows\SYSTEM32\DRIVERS\USBHUB.SYS
[Drivers] NDProxy.SYS=C:\Windows\SYSTEM32\DRIVERS\NDPROXY.SYS
[Drivers] nvhda32v.sys=C:\Windows\SYSTEM32\DRIVERS\NVHDA32V.SYS
[Drivers] portcls.sys=C:\Windows\SYSTEM32\DRIVERS\PORTCLS.SYS
[Drivers] drmk.sys=C:\Windows\SYSTEM32\DRIVERS\DRMK.SYS
[Drivers] stwrt.sys=C:\Windows\SYSTEM32\DRIVERS\STWRT.SYS
[Drivers] avgmfx86.sys=C:\Windows\SYSTEM32\DRIVERS\AVGMFX86.SYS
[Drivers] Fs_Rec.SYS=C:\Windows\SYSTEM32\DRIVERS\FS_REC.SYS
[Drivers] Null.SYS=C:\Windows\SYSTEM32\DRIVERS\NULL.SYS
[Drivers] Beep.SYS=C:\Windows\SYSTEM32\DRIVERS\BEEP.SYS
[Drivers] HIDPARSE.SYS=C:\Windows\SYSTEM32\DRIVERS\HIDPARSE.SYS
[Drivers] vga.sys=C:\Windows\SYSTEM32\DRIVERS\VGA.SYS
[Drivers] VIDEOPRT.SYS=C:\Windows\SYSTEM32\DRIVERS\VIDEOPRT.SYS
[Drivers] RDPCDD.sys=C:\Windows\SYSTEM32\DRIVERS\RDPCDD.SYS
[Drivers] rdpencdd.sys=C:\Windows\SYSTEM32\DRIVERS\RDPENCDD.SYS
[Drivers] Msfs.SYS=C:\Windows\SYSTEM32\DRIVERS\MSFS.SYS
[Drivers] Npfs.SYS=C:\Windows\SYSTEM32\DRIVERS\NPFS.SYS
[Drivers] rasacd.sys=C:\Windows\SYSTEM32\DRIVERS\RASACD.SYS
[Drivers] tdx.sys=C:\Windows\SYSTEM32\DRIVERS\TDX.SYS
[Drivers] smb.sys=C:\Windows\SYSTEM32\DRIVERS\SMB.SYS
[Drivers] avgtdix.sys=C:\Windows\SYSTEM32\DRIVERS\AVGTDIX.SYS
[Drivers] netbt.sys=C:\Windows\SYSTEM32\DRIVERS\NETBT.SYS
[Drivers] afd.sys=C:\Windows\SYSTEM32\DRIVERS\AFD.SYS
[Drivers] ws2ifsl.sys=C:\Windows\SYSTEM32\DRIVERS\WS2IFSL.SYS
[Drivers] pacer.sys=C:\Windows\SYSTEM32\DRIVERS\PACER.SYS
[Drivers] netbios.sys=C:\Windows\SYSTEM32\DRIVERS\NETBIOS.SYS
[Drivers] wanarp.sys=C:\Windows\SYSTEM32\DRIVERS\WANARP.SYS
[Drivers] rdbss.sys=C:\Windows\SYSTEM32\DRIVERS\RDBSS.SYS
[Drivers] nsiproxy.sys=C:\Windows\SYSTEM32\DRIVERS\NSIPROXY.SYS
[Drivers] dfsc.sys=C:\Windows\SYSTEM32\DRIVERS\DFSC.SYS
[Drivers] avgldx86.sys=C:\Windows\SYSTEM32\DRIVERS\AVGLDX86.SYS
[Drivers] usbccgp.sys=C:\Windows\SYSTEM32\DRIVERS\USBCCGP.SYS
[Drivers] USBD.SYS=C:\Windows\SYSTEM32\DRIVERS\USBD.SYS
[Drivers] hidusb.sys=C:\Windows\SYSTEM32\DRIVERS\HIDUSB.SYS
[Drivers] HIDCLASS.SYS=C:\Windows\SYSTEM32\DRIVERS\HIDCLASS.SYS
[Drivers] kbdhid.sys=C:\Windows\SYSTEM32\DRIVERS\KBDHID.SYS
[Drivers] RzSynapse.sys=C:\Windows\SYSTEM32\DRIVERS\RZSYNAPSE.SYS
[Drivers] mouhid.sys=C:\Windows\SYSTEM32\DRIVERS\MOUHID.SYS
[Drivers] USBSTOR.SYS=C:\Windows\SYSTEM32\DRIVERS\USBSTOR.SYS
[Drivers] fastfat.SYS=C:\Windows\SYSTEM32\DRIVERS\FASTFAT.SYS
[Drivers] cdfs.sys=C:\Windows\SYSTEM32\DRIVERS\CDFS.SYS
[Drivers] crashdmp.sys=C:\Windows\SYSTEM32\DRIVERS\CRASHDMP.SYS
[Drivers] dumpata.sys=C:\Windows\SYSTEM32\DRIVERS\DUMP_DUMPATA.SYS
[Drivers] atapi.sys=C:\Windows\SYSTEM32\DRIVERS\DUMP_ATAPI.SYS
[Drivers] win32k.sys=C:\Windows\SYSTEM32\WIN32K.SYS
[Drivers] Dxapi.sys=C:\Windows\SYSTEM32\DRIVERS\DXAPI.SYS
[Drivers] monitor.sys=C:\Windows\SYSTEM32\DRIVERS\MONITOR.SYS
[Drivers] TSDDD.dll=C:\Windows\SYSTEM32\TSDDD.DLL
[Drivers] cdd.dll=C:\Windows\SYSTEM32\CDD.DLL
[Drivers] ATMFD.DLL=C:\Windows\SYSTEM32\ATMFD.DLL
[Drivers] luafv.sys=C:\Windows\SYSTEM32\DRIVERS\LUAFV.SYS
[Drivers] spsys.sys=C:\Windows\SYSTEM32\DRIVERS\SPSYS.SYS
[Drivers] lltdio.sys=C:\Windows\SYSTEM32\DRIVERS\LLTDIO.SYS
[Drivers] rspndr.sys=C:\Windows\SYSTEM32\DRIVERS\RSPNDR.SYS
[Drivers] WinUSB.SYS=C:\Windows\SYSTEM32\DRIVERS\WINUSB.SYS
[Drivers] WUDFRd.sys=C:\Windows\SYSTEM32\DRIVERS\WUDFRD.SYS
[Drivers] WUDFPf.sys=C:\Windows\SYSTEM32\DRIVERS\WUDFPF.SYS
[Drivers] HTTP.sys=C:\Windows\SYSTEM32\DRIVERS\HTTP.SYS
[Drivers] srvnet.sys=C:\Windows\SYSTEM32\DRIVERS\SRVNET.SYS
[Drivers] bowser.sys=C:\Windows\SYSTEM32\DRIVERS\BOWSER.SYS
[Drivers] mpsdrv.sys=C:\Windows\SYSTEM32\DRIVERS\MPSDRV.SYS
[Drivers] mrxdav.sys=C:\Windows\SYSTEM32\DRIVERS\MRXDAV.SYS
[Drivers] mrxsmb.sys=C:\Windows\SYSTEM32\DRIVERS\MRXSMB.SYS
[Drivers] mrxsmb10.sys=C:\Windows\SYSTEM32\DRIVERS\MRXSMB10.SYS
[Drivers] mrxsmb20.sys=C:\Windows\SYSTEM32\DRIVERS\MRXSMB20.SYS
[Drivers] srv2.sys=C:\Windows\SYSTEM32\DRIVERS\SRV2.SYS
[Drivers] srv.sys=C:\Windows\SYSTEM32\DRIVERS\SRV.SYS
[Drivers] avgidsshimx.sys=C:\Windows\SYSTEM32\DRIVERS\AVGIDSSHIMX.SYS
[Drivers] peauth.sys=C:\Windows\SYSTEM32\DRIVERS\PEAUTH.SYS
[Drivers] secdrv.SYS=C:\Windows\SYSTEM32\DRIVERS\SECDRV.SYS
[Drivers] tcpipreg.sys=C:\Windows\SYSTEM32\DRIVERS\TCPIPREG.SYS
[Drivers] avgidsfilterx.sys=C:\Windows\SYSTEM32\DRIVERS\AVGIDSFILTERX.SYS
[Drivers] avgidsdriverx.sys=C:\Windows\SYSTEM32\DRIVERS\AVGIDSDRIVERX.SYS
[Drivers] mbam.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MBAM.SYS
[Drivers] aswMBR.sys=C:\USERS\OWNER\APPDATA\LOCAL\TEMP\ASWMBR.SYS
[Drivers] PROCEXP113.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\PROCEXP113.SYS
[Drivers] catchme.sys=C:\USERS\OWNER\APPDATA\LOCAL\TEMP\CATCHME.SYS
[Drivers] ntdll.dll=C:\WINDOWS\SYSTEM32\NTDLL.DLL
[Services detected by Partizan] :HKLM .NET CLR Data
[Services detected by Partizan] :HKLM .NET CLR Networking
[Services detected by Partizan] :HKLM .NET CLR Networking 4.0.0.0
[Services detected by Partizan] :HKLM .NET Data Provider for Oracle
[Services detected by Partizan] :HKLM .NET Data Provider for SqlServer
[Services detected by Partizan] :HKLM .NETFramework
[Services detected by Partizan] :HKLM ACPI=C:\WINDOWS\SYSTEM32\DRIVERS\ACPI.SYS
[Services detected by Partizan] :HKLM AdobeARMservice=C:\PROGRAM FILES\COMMON FILES\ADOBE\ARM\1.0\ARMSVC.EXE
[Services detected by Partizan] :HKLM adp94xx=C:\WINDOWS\SYSTEM32\DRIVERS\ADP94XX.SYS
[Services detected by Partizan] :HKLM adpahci=C:\WINDOWS\SYSTEM32\DRIVERS\ADPAHCI.SYS
[Services detected by Partizan] :HKLM adpu160m=C:\WINDOWS\SYSTEM32\DRIVERS\ADPU160M.SYS
[Services detected by Partizan] :HKLM adpu320=C:\WINDOWS\SYSTEM32\DRIVERS\ADPU320.SYS
[Services detected by Partizan] :HKLM adsi
[Services detected by Partizan] :HKLM AeLookupSvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM AFD=C:\WINDOWS\SYSTEM32\DRIVERS\AFD.SYS
[Services detected by Partizan] :HKLM agp440=C:\WINDOWS\SYSTEM32\DRIVERS\AGP440.SYS
[Services detected by Partizan] :HKLM aic78xx=C:\WINDOWS\SYSTEM32\DRIVERS\DJSVS.SYS
[Services detected by Partizan] :HKLM ALG=C:\WINDOWS\SYSTEM32\ALG.EXE
[Services detected by Partizan] :HKLM aliide=C:\WINDOWS\SYSTEM32\DRIVERS\ALIIDE.SYS
[Services detected by Partizan] :HKLM amdagp=C:\WINDOWS\SYSTEM32\DRIVERS\AMDAGP.SYS
[Services detected by Partizan] :HKLM amdide=C:\WINDOWS\SYSTEM32\DRIVERS\AMDIDE.SYS
[Services detected by Partizan] :HKLM AmdK7=C:\WINDOWS\SYSTEM32\DRIVERS\AMDK7.SYS
[Services detected by Partizan] :HKLM AmdK8=C:\WINDOWS\SYSTEM32\DRIVERS\AMDK8.SYS
[Services detected by Partizan] :HKLM Appinfo=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM AppMgmt=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM arc=C:\WINDOWS\SYSTEM32\DRIVERS\ARC.SYS
[Services detected by Partizan] :HKLM arcsas=C:\WINDOWS\SYSTEM32\DRIVERS\ARCSAS.SYS
[Services detected by Partizan] :HKLM AsyncMac=C:\WINDOWS\SYSTEM32\DRIVERS\ASYNCMAC.SYS
[Services detected by Partizan] :HKLM atapi=C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS
[Services detected by Partizan] :HKLM Ati External Event Utility=C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
[Services detected by Partizan] :HKLM Atierecord
[Services detected by Partizan] :HKLM atikmdag=C:\WINDOWS\SYSTEM32\DRIVERS\ATIKMDAG.SYS
[Services detected by Partizan] :HKLM AudioEndpointBuilder=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM Audiosrv=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM Avg
[Services detected by Partizan] :HKLM AVGIDSAgent=C:\PROGRAM FILES\AVG\AVG2012\AVGIDSAGENT.EXE
[Services detected by Partizan] :HKLM AVGIDSDriver=C:\WINDOWS\SYSTEM32\DRIVERS\AVGIDSDRIVERX.SYS
[Services detected by Partizan] :HKLM AVGIDSFilter=C:\WINDOWS\SYSTEM32\DRIVERS\AVGIDSFILTERX.SYS
[Services detected by Partizan] :HKLM AVGIDSHX=C:\WINDOWS\SYSTEM32\DRIVERS\AVGIDSHX.SYS
[Services detected by Partizan] :HKLM AVGIDSShim=C:\WINDOWS\SYSTEM32\DRIVERS\AVGIDSSHIMX.SYS
[Services detected by Partizan] :HKLM Avgldx86=C:\WINDOWS\SYSTEM32\DRIVERS\AVGLDX86.SYS
[Services detected by Partizan] :HKLM Avgmfx86=C:\WINDOWS\SYSTEM32\DRIVERS\AVGMFX86.SYS
[Services detected by Partizan] :HKLM Avgrkx86=C:\WINDOWS\SYSTEM32\DRIVERS\AVGRKX86.SYS
[Services detected by Partizan] :HKLM Avgtdix=C:\WINDOWS\SYSTEM32\DRIVERS\AVGTDIX.SYS
[Services detected by Partizan] :HKLM avgwd=C:\PROGRAM FILES\AVG\AVG2012\AVGWDSVC.EXE
[Services detected by Partizan] :HKLM BattC=C:\WINDOWS\SYSTEM32\DRIVERS\BATTC.SYS
[Services detected by Partizan] :HKLM Beep=C:\WINDOWS\SYSTEM32\DRIVERS\BEEP.SYS
[Services detected by Partizan] :HKLM BFE=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM BITS=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM blbdrive=\SystemRoot\system32\drivers\blbdrive.sys
[Services detected by Partizan] :HKLM bowser=C:\WINDOWS\SYSTEM32\DRIVERS\BOWSER.SYS
[Services detected by Partizan] :HKLM BrFiltLo=C:\WINDOWS\SYSTEM32\DRIVERS\BRFILTLO.SYS
[Services detected by Partizan] :HKLM BrFiltUp=C:\WINDOWS\SYSTEM32\DRIVERS\BRFILTUP.SYS
[Services detected by Partizan] :HKLM Browser=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM Brserid=C:\WINDOWS\SYSTEM32\DRIVERS\BRSERID.SYS
[Services detected by Partizan] :HKLM BrSerWdm=C:\WINDOWS\SYSTEM32\DRIVERS\BRSERWDM.SYS
[Services detected by Partizan] :HKLM BrUsbMdm=C:\WINDOWS\SYSTEM32\DRIVERS\BRUSBMDM.SYS
[Services detected by Partizan] :HKLM BrUsbSer=C:\WINDOWS\SYSTEM32\DRIVERS\BRUSBSER.SYS
[Services detected by Partizan] :HKLM BTHMODEM=C:\WINDOWS\SYSTEM32\DRIVERS\BTHMODEM.SYS
[Services detected by Partizan] :HKLM BTHPORT
[Services detected by Partizan] :HKLM catchme=\??\C:\Users\Owner\AppData\Local\Temp\catchme.sys
[Services detected by Partizan] :HKLM cdfs=C:\WINDOWS\SYSTEM32\DRIVERS\CDFS.SYS
[Services detected by Partizan] :HKLM cdrom=C:\WINDOWS\SYSTEM32\DRIVERS\CDROM.SYS
[Services detected by Partizan] :HKLM CertPropSvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM circlass=C:\WINDOWS\SYSTEM32\DRIVERS\CIRCLASS.SYS
[Services detected by Partizan] :HKLM CLFS=C:\WINDOWS\SYSTEM32\CLFS.SYS
[Services detected by Partizan] :HKLM clr_optimization_v2.0.50727_32=C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\MSCORSVW.EXE
[Services detected by Partizan] :HKLM clr_optimization_v4.0.30319_32=C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V4.0.30319\MSCORSVW.EXE
[Services detected by Partizan] :HKLM cmdide=C:\WINDOWS\SYSTEM32\DRIVERS\CMDIDE.SYS
[Services detected by Partizan] :HKLM Compbatt=C:\WINDOWS\SYSTEM32\DRIVERS\COMPBATT.SYS
[Services detected by Partizan] :HKLM COMSysApp=C:\WINDOWS\SYSTEM32\DLLHOST.EXE
[Services detected by Partizan] :HKLM crcdisk=C:\WINDOWS\SYSTEM32\DRIVERS\CRCDISK.SYS
[Services detected by Partizan] :HKLM Crusoe=C:\WINDOWS\SYSTEM32\DRIVERS\CRUSOE.SYS
[Services detected by Partizan] :HKLM crypt32
[Services detected by Partizan] :HKLM CryptSvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM DCLocator
[Services detected by Partizan] :HKLM DcomLaunch=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM DfsC=C:\WINDOWS\SYSTEM32\DRIVERS\DFSC.SYS
[Services detected by Partizan] :HKLM DFSR=C:\WINDOWS\SYSTEM32\DFSR.EXE
[Services detected by Partizan] :HKLM Dhcp=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM disk=C:\WINDOWS\SYSTEM32\DRIVERS\DISK.SYS
[Services detected by Partizan] :HKLM Dnscache=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM dot3svc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM DPS=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM drmkaud=C:\WINDOWS\SYSTEM32\DRIVERS\DRMKAUD.SYS
[Services detected by Partizan] :HKLM DTSRVC=C:\PROGRAM FILES\COMMON FILES\PORTRAIT DISPLAYS\SHARED\DTSRVC.EXE
[Services detected by Partizan] :HKLM DXGKrnl=C:\WINDOWS\SYSTEM32\DRIVERS\DXGKRNL.SYS
[Services detected by Partizan] :HKLM e1express=C:\WINDOWS\SYSTEM32\DRIVERS\E1E6032.SYS
[Services detected by Partizan] :HKLM E1G60=C:\WINDOWS\SYSTEM32\DRIVERS\E1G60I32.SYS
[Services detected by Partizan] :HKLM EapHost=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM Ecache=C:\WINDOWS\SYSTEM32\DRIVERS\ECACHE.SYS
[Services detected by Partizan] :HKLM ehRecvr=C:\WINDOWS\EHOME\EHRECVR.EXE
[Services detected by Partizan] :HKLM ehSched=C:\WINDOWS\EHOME\EHSCHED.EXE
[Services detected by Partizan] :HKLM ehstart=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM elxstor=C:\WINDOWS\SYSTEM32\DRIVERS\ELXSTOR.SYS
[Services detected by Partizan] :HKLM EmdCache
[Services detected by Partizan] :HKLM EMDMgmt=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM ESENT
[Services detected by Partizan] :HKLM Eventlog=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM EventSystem=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM exfat=C:\WINDOWS\SYSTEM32\DRIVERS\EXFAT.SYS
[Services detected by Partizan] :HKLM fastfat=C:\WINDOWS\SYSTEM32\DRIVERS\FASTFAT.SYS
[Services detected by Partizan] :HKLM fdc=C:\WINDOWS\SYSTEM32\DRIVERS\FDC.SYS
[Services detected by Partizan] :HKLM fdPHost=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM FDResPub=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM FileInfo=C:\WINDOWS\SYSTEM32\DRIVERS\FILEINFO.SYS
[Services detected by Partizan] :HKLM Filetrace=C:\WINDOWS\SYSTEM32\DRIVERS\FILETRACE.SYS
[Services detected by Partizan] :HKLM flpydisk=C:\WINDOWS\SYSTEM32\DRIVERS\FLPYDISK.SYS
[Services detected by Partizan] :HKLM FltMgr=C:\WINDOWS\SYSTEM32\DRIVERS\FLTMGR.SYS
[Services detected by Partizan] :HKLM FontCache=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM FontCache3.0.0.0=C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.0\WPF\PRESENTATIONFONTCACHE.EXE
[Services detected by Partizan] :HKLM Fs_Rec=C:\WINDOWS\SYSTEM32\DRIVERS\FS_REC.SYS
[Services detected by Partizan] :HKLM gagp30kx=C:\WINDOWS\SYSTEM32\DRIVERS\GAGP30KX.SYS
[Services detected by Partizan] :HKLM gpsvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM HdAudAddService=C:\WINDOWS\SYSTEM32\DRIVERS\HDAUDIO.SYS
[Services detected by Partizan] :HKLM HDAudBus=C:\WINDOWS\SYSTEM32\DRIVERS\HDAUDBUS.SYS
[Services detected by Partizan] :HKLM HidBth=C:\WINDOWS\SYSTEM32\DRIVERS\HIDBTH.SYS
[Services detected by Partizan] :HKLM HidIr=C:\WINDOWS\SYSTEM32\DRIVERS\HIDIR.SYS
[Services detected by Partizan] :HKLM hidserv=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM HidUsb=C:\WINDOWS\SYSTEM32\DRIVERS\HIDUSB.SYS
[Services detected by Partizan] :HKLM hkmsvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM HpCISSs=C:\WINDOWS\SYSTEM32\DRIVERS\HPCISSS.SYS
[Services detected by Partizan] :HKLM HTTP=C:\WINDOWS\SYSTEM32\DRIVERS\HTTP.SYS
[Services detected by Partizan] :HKLM i2omp=C:\WINDOWS\SYSTEM32\DRIVERS\I2OMP.SYS
[Services detected by Partizan] :HKLM i8042prt=C:\WINDOWS\SYSTEM32\DRIVERS\I8042PRT.SYS
[Services detected by Partizan] :HKLM iaStorV=C:\WINDOWS\SYSTEM32\DRIVERS\IASTORV.SYS
[Services detected by Partizan] :HKLM idsvc=C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.0\WINDOWS COMMUNICATION FOUNDATION\INFOCARD.EXE
[Services detected by Partizan] :HKLM iirsp=C:\WINDOWS\SYSTEM32\DRIVERS\IIRSP.SYS
[Services detected by Partizan] :HKLM IKEEXT=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM inetaccs
[Services detected by Partizan] :HKLM intelide=C:\WINDOWS\SYSTEM32\DRIVERS\INTELIDE.SYS
[Services detected by Partizan] :HKLM intelppm=C:\WINDOWS\SYSTEM32\DRIVERS\INTELPPM.SYS
[Services detected by Partizan] :HKLM IPBusEnum=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM IpFilterDriver=C:\WINDOWS\SYSTEM32\DRIVERS\IPFLTDRV.SYS
[Services detected by Partizan] :HKLM iphlpsvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM IpInIp=system32\DRIVERS\ipinip.sys
[Services detected by Partizan] :HKLM IPMIDRV=C:\WINDOWS\SYSTEM32\DRIVERS\IPMIDRV.SYS
[Services detected by Partizan] :HKLM IPNAT=C:\WINDOWS\SYSTEM32\DRIVERS\IPNAT.SYS
[Services detected by Partizan] :HKLM IRENUM=C:\WINDOWS\SYSTEM32\DRIVERS\IRENUM.SYS
[Services detected by Partizan] :HKLM isapnp=C:\WINDOWS\SYSTEM32\DRIVERS\ISAPNP.SYS
[Services detected by Partizan] :HKLM iScsiPrt=C:\WINDOWS\SYSTEM32\DRIVERS\MSISCSI.SYS
[Services detected by Partizan] :HKLM iteatapi=C:\WINDOWS\SYSTEM32\DRIVERS\ITEATAPI.SYS
[Services detected by Partizan] :HKLM iteraid=C:\WINDOWS\SYSTEM32\DRIVERS\ITERAID.SYS
[Services detected by Partizan] :HKLM kbdclass=C:\WINDOWS\SYSTEM32\DRIVERS\KBDCLASS.SYS
[Services detected by Partizan] :HKLM kbdhid=C:\WINDOWS\SYSTEM32\DRIVERS\KBDHID.SYS
[Services detected by Partizan] :HKLM KeyIso=C:\WINDOWS\SYSTEM32\LSASS.EXE
[Services detected by Partizan] :HKLM KSecDD=C:\WINDOWS\SYSTEM32\DRIVERS\KSECDD.SYS
[Services detected by Partizan] :HKLM KtmRm=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM LanmanServer=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM LanmanWorkstation=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM ldap
[Services detected by Partizan] :HKLM lltdio=C:\WINDOWS\SYSTEM32\DRIVERS\LLTDIO.SYS
[Services detected by Partizan] :HKLM lltdsvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM lmhosts=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM Lsa
[Services detected by Partizan] :HKLM LSI_FC=C:\WINDOWS\SYSTEM32\DRIVERS\LSI_FC.SYS
[Services detected by Partizan] :HKLM LSI_SAS=C:\WINDOWS\SYSTEM32\DRIVERS\LSI_SAS.SYS
[Services detected by Partizan] :HKLM LSI_SCSI=C:\WINDOWS\SYSTEM32\DRIVERS\LSI_SCSI.SYS
[Services detected by Partizan] :HKLM luafv=C:\WINDOWS\SYSTEM32\DRIVERS\LUAFV.SYS
[Services detected by Partizan] :HKLM MBAMProtector=C:\WINDOWS\SYSTEM32\DRIVERS\MBAM.SYS
[Services detected by Partizan] :HKLM MBAMService=C:\PROGRAM FILES\MALWAREBYTES' ANTI-MALWARE\MBAMSERVICE.EXE
[Services detected by Partizan] :HKLM Mcx2Svc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM megasas=C:\WINDOWS\SYSTEM32\DRIVERS\MEGASAS.SYS
[Services detected by Partizan] :HKLM MMCSS=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM Modem=C:\WINDOWS\SYSTEM32\DRIVERS\MODEM.SYS
[Services detected by Partizan] :HKLM monitor=C:\WINDOWS\SYSTEM32\DRIVERS\MONITOR.SYS
[Services detected by Partizan] :HKLM mouclass=C:\WINDOWS\SYSTEM32\DRIVERS\MOUCLASS.SYS
[Services detected by Partizan] :HKLM mouhid=C:\WINDOWS\SYSTEM32\DRIVERS\MOUHID.SYS
[Services detected by Partizan] :HKLM MountMgr=C:\WINDOWS\SYSTEM32\DRIVERS\MOUNTMGR.SYS
[Services detected by Partizan] :HKLM MozillaMaintenance=C:\PROGRAM FILES\MOZILLA MAINTENANCE SERVICE\MAINTENANCESERVICE.EXE
[Services detected by Partizan] :HKLM mpio=C:\WINDOWS\SYSTEM32\DRIVERS\MPIO.SYS
[Services detected by Partizan] :HKLM mpsdrv=C:\WINDOWS\SYSTEM32\DRIVERS\MPSDRV.SYS
[Services detected by Partizan] :HKLM MpsSvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM Mraid35x=C:\WINDOWS\SYSTEM32\DRIVERS\MRAID35X.SYS
[Services detected by Partizan] :HKLM MRxDAV=C:\WINDOWS\SYSTEM32\DRIVERS\MRXDAV.SYS
[Services detected by Partizan] :HKLM mrxsmb=C:\WINDOWS\SYSTEM32\DRIVERS\MRXSMB.SYS
[Services detected by Partizan] :HKLM mrxsmb10=C:\WINDOWS\SYSTEM32\DRIVERS\MRXSMB10.SYS
[Services detected by Partizan] :HKLM mrxsmb20=C:\WINDOWS\SYSTEM32\DRIVERS\MRXSMB20.SYS
[Services detected by Partizan] :HKLM msahci=C:\WINDOWS\SYSTEM32\DRIVERS\MSAHCI.SYS
[Services detected by Partizan] :HKLM msdsm=C:\WINDOWS\SYSTEM32\DRIVERS\MSDSM.SYS
[Services detected by Partizan] :HKLM MSDTC=C:\WINDOWS\SYSTEM32\MSDTC.EXE
[Services detected by Partizan] :HKLM MSDTC Bridge 3.0.0.0
[Services detected by Partizan] :HKLM MSDTC Bridge 4.0.0.0
[Services detected by Partizan] :HKLM Msfs=C:\WINDOWS\SYSTEM32\DRIVERS\MSFS.SYS
[Services detected by Partizan] :HKLM msisadrv=C:\WINDOWS\SYSTEM32\DRIVERS\MSISADRV.SYS
[Services detected by Partizan] :HKLM MSiSCSI=C:\WINDOWS\SYSTEM32\DRIVERS\MSISCSI.SYS
[Services detected by Partizan] :HKLM msiserver=C:\WINDOWS\SYSTEM32\MSIEXEC.EXE
[Services detected by Partizan] :HKLM MSKSSRV=C:\WINDOWS\SYSTEM32\DRIVERS\MSKSSRV.SYS
[Services detected by Partizan] :HKLM MSPCLOCK=C:\WINDOWS\SYSTEM32\DRIVERS\MSPCLOCK.SYS
[Services detected by Partizan] :HKLM MSPQM=C:\WINDOWS\SYSTEM32\DRIVERS\MSPQM.SYS
[Services detected by Partizan] :HKLM MsRPC=C:\WINDOWS\SYSTEM32\DRIVERS\MSRPC.SYS
[Services detected by Partizan] :HKLM MSSCNTRS
[Services detected by Partizan] :HKLM mssmbios=C:\WINDOWS\SYSTEM32\DRIVERS\MSSMBIOS.SYS
[Services detected by Partizan] :HKLM MSTEE=C:\WINDOWS\SYSTEM32\DRIVERS\MSTEE.SYS
[Services detected by Partizan] :HKLM Mup=C:\WINDOWS\SYSTEM32\DRIVERS\MUP.SYS
[Services detected by Partizan] :HKLM napagent=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM NativeWifiP=C:\WINDOWS\SYSTEM32\DRIVERS\NWIFI.SYS
[Services detected by Partizan] :HKLM NDIS=C:\WINDOWS\SYSTEM32\DRIVERS\NDIS.SYS
[Services detected by Partizan] :HKLM NdisTapi=C:\WINDOWS\SYSTEM32\DRIVERS\NDISTAPI.SYS
[Services detected by Partizan] :HKLM Ndisuio=C:\WINDOWS\SYSTEM32\DRIVERS\NDISUIO.SYS
[Services detected by Partizan] :HKLM NdisWan=C:\WINDOWS\SYSTEM32\DRIVERS\NDISWAN.SYS
[Services detected by Partizan] :HKLM NDProxy=C:\WINDOWS\SYSTEM32\DRIVERS\NDPROXY.SYS
[Services detected by Partizan] :HKLM NetBIOS=C:\WINDOWS\SYSTEM32\DRIVERS\NETBIOS.SYS
[Services detected by Partizan] :HKLM netbt=C:\WINDOWS\SYSTEM32\DRIVERS\NETBT.SYS
[Services detected by Partizan] :HKLM Netlogon=C:\WINDOWS\SYSTEM32\LSASS.EXE
[Services detected by Partizan] :HKLM Netman=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM netprofm=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM NetTcpPortSharing=C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.0\WINDOWS COMMUNICATION FOUNDATION\SMSVCHOST.EXE
[Services detected by Partizan] :HKLM nfrd960=C:\WINDOWS\SYSTEM32\DRIVERS\NFRD960.SYS
[Services detected by Partizan] :HKLM NlaSvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM Npfs=C:\WINDOWS\SYSTEM32\DRIVERS\NPFS.SYS
[Services detected by Partizan] :HKLM nsi=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM nsiproxy=C:\WINDOWS\SYSTEM32\DRIVERS\NSIPROXY.SYS
[Services detected by Partizan] :HKLM NTDS
[Services detected by Partizan] :HKLM Ntfs=C:\WINDOWS\SYSTEM32\DRIVERS\NTFS.SYS
[Services detected by Partizan] :HKLM ntrigdigi=C:\WINDOWS\SYSTEM32\DRIVERS\NTRIGDIGI.SYS
[Services detected by Partizan] :HKLM Null=C:\WINDOWS\SYSTEM32\DRIVERS\NULL.SYS
[Services detected by Partizan] :HKLM NVHDA=C:\WINDOWS\SYSTEM32\DRIVERS\NVHDA32V.SYS
[Services detected by Partizan] :HKLM nvlddmkm=C:\WINDOWS\SYSTEM32\DRIVERS\NVLDDMKM.SYS
[Services detected by Partizan] :HKLM nvraid=C:\WINDOWS\SYSTEM32\DRIVERS\NVRAID.SYS
[Services detected by Partizan] :HKLM nvstor=C:\WINDOWS\SYSTEM32\DRIVERS\NVSTOR.SYS
[Services detected by Partizan] :HKLM nvsvc=C:\WINDOWS\SYSTEM32\NVVSVC.EXE
[Services detected by Partizan] :HKLM nvUpdatusService=C:\PROGRAM FILES\NVIDIA CORPORATION\NVIDIA UPDATE CORE\DAEMONU.EXE
[Services detected by Partizan] :HKLM nv_agp=C:\WINDOWS\SYSTEM32\DRIVERS\NV_AGP.SYS
[Services detected by Partizan] :HKLM NwlnkFlt=system32\DRIVERS\nwlnkflt.sys
[Services detected by Partizan] :HKLM NwlnkFwd=system32\DRIVERS\nwlnkfwd.sys
[Services detected by Partizan] :HKLM ohci1394=C:\WINDOWS\SYSTEM32\DRIVERS\OHCI1394.SYS
[Services detected by Partizan] :HKLM p2pimsvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM p2psvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM Parport=C:\WINDOWS\SYSTEM32\DRIVERS\PARPORT.SYS
[Services detected by Partizan] :HKLM Partizan=C:\WINDOWS\SYSTEM32\DRIVERS\PARTIZAN.SYS
[Services detected by Partizan] :HKLM partmgr=C:\WINDOWS\SYSTEM32\DRIVERS\PARTMGR.SYS
[Services detected by Partizan] :HKLM Parvdm=C:\WINDOWS\SYSTEM32\DRIVERS\PARVDM.SYS
[Services detected by Partizan] :HKLM PcaSvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM pci=C:\WINDOWS\SYSTEM32\DRIVERS\PCI.SYS
[Services detected by Partizan] :HKLM pciide=C:\WINDOWS\SYSTEM32\DRIVERS\PCIIDE.SYS
[Services detected by Partizan] :HKLM pcmcia=C:\WINDOWS\SYSTEM32\DRIVERS\PCMCIA.SYS
[Services detected by Partizan] :HKLM PdiPorts=C:\WINDOWS\SYSTEM32\DRIVERS\PDIPORTS.SYS
[Services detected by Partizan] :HKLM PdiService=C:\PROGRAM FILES\COMMON FILES\PORTRAIT DISPLAYS\DRIVERS\PDISRVC.EXE
[Services detected by Partizan] :HKLM PEAUTH=C:\WINDOWS\SYSTEM32\DRIVERS\PEAUTH.SYS
[Services detected by Partizan] :HKLM PerfDisk
[Services detected by Partizan] :HKLM PerfNet
[Services detected by Partizan] :HKLM PerfOS
[Services detected by Partizan] :HKLM PerfProc
[Services detected by Partizan] :HKLM pla=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM PlugPlay=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM PNRPAutoReg=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM PNRPsvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM PolicyAgent=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM PortProxy
[Services detected by Partizan] :HKLM PptpMiniport=C:\WINDOWS\SYSTEM32\DRIVERS\RASPPTP.SYS
[Services detected by Partizan] :HKLM Processor=C:\WINDOWS\SYSTEM32\DRIVERS\PROCESSR.SYS
[Services detected by Partizan] :HKLM ProfSvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM ProtectedStorage=C:\WINDOWS\SYSTEM32\LSASS.EXE
[Services detected by Partizan] :HKLM PSched=C:\WINDOWS\SYSTEM32\DRIVERS\PACER.SYS
[Services detected by Partizan] :HKLM PSI_SVC_2=C:\PROGRAM FILES\COMMON FILES\PROTEXIS\LICENSE SERVICE\PSISERVICE_2.EXE
[Services detected by Partizan] :HKLM ql2300=C:\WINDOWS\SYSTEM32\DRIVERS\QL2300.SYS
[Services detected by Partizan] :HKLM ql40xx=C:\WINDOWS\SYSTEM32\DRIVERS\QL40XX.SYS
[Services detected by Partizan] :HKLM QWAVE=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM QWAVEdrv=C:\WINDOWS\SYSTEM32\DRIVERS\QWAVEDRV.SYS
[Services detected by Partizan] :HKLM RasAcd=C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS
[Services detected by Partizan] :HKLM RasAuto=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM Rasl2tp=C:\WINDOWS\SYSTEM32\DRIVERS\RASL2TP.SYS
[Services detected by Partizan] :HKLM RasMan=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM RasPppoe=C:\WINDOWS\SYSTEM32\DRIVERS\RASPPPOE.SYS
[Services detected by Partizan] :HKLM RasSstp=C:\WINDOWS\SYSTEM32\DRIVERS\RASSSTP.SYS
[Services detected by Partizan] :HKLM rdbss=C:\WINDOWS\SYSTEM32\DRIVERS\RDBSS.SYS
[Services detected by Partizan] :HKLM RDPCDD=C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS
[Services detected by Partizan] :HKLM RDPDD
[Services detected by Partizan] :HKLM rdpdr=C:\WINDOWS\SYSTEM32\DRIVERS\RDPDR.SYS
[Services detected by Partizan] :HKLM RDPENCDD=C:\WINDOWS\SYSTEM32\DRIVERS\RDPENCDD.SYS
[Services detected by Partizan] :HKLM RDPNP
[Services detected by Partizan] :HKLM RDPWD=C:\WINDOWS\SYSTEM32\DRIVERS\RDPWD.SYS
[Services detected by Partizan] :HKLM RemoteAccess=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM RemoteRegistry=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM RpcLocator=C:\WINDOWS\SYSTEM32\LOCATOR.EXE
[Services detected by Partizan] :HKLM RpcSs=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM rspndr=C:\WINDOWS\SYSTEM32\DRIVERS\RSPNDR.SYS
[Services detected by Partizan] :HKLM RzSynapse=C:\WINDOWS\SYSTEM32\DRIVERS\RZSYNAPSE.SYS
[Services detected by Partizan] :HKLM SamSs=C:\WINDOWS\SYSTEM32\LSASS.EXE
[Services detected by Partizan] :HKLM sbp2port=C:\WINDOWS\SYSTEM32\DRIVERS\SBP2PORT.SYS
[Services detected by Partizan] :HKLM SCardSvr=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM Schedule=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM SCPolicySvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM SDRSVC=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM secdrv=C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS
[Services detected by Partizan] :HKLM seclogon=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM SENS=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM Serenum=C:\WINDOWS\SYSTEM32\DRIVERS\SERENUM.SYS
[Services detected by Partizan] :HKLM Serial=C:\WINDOWS\SYSTEM32\DRIVERS\SERIAL.SYS
[Services detected by Partizan] :HKLM sermouse=C:\WINDOWS\SYSTEM32\DRIVERS\SERMOUSE.SYS
[Services detected by Partizan] :HKLM ServiceModelEndpoint 3.0.0.0
[Services detected by Partizan] :HKLM ServiceModelOperation 3.0.0.0
[Services detected by Partizan] :HKLM ServiceModelService 3.0.0.0
[Services detected by Partizan] :HKLM SessionEnv=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM sffdisk=C:\WINDOWS\SYSTEM32\DRIVERS\SFFDISK.SYS
[Services detected by Partizan] :HKLM sffp_mmc=C:\WINDOWS\SYSTEM32\DRIVERS\SFFP_MMC.SYS
[Services detected by Partizan] :HKLM sffp_sd=C:\WINDOWS\SYSTEM32\DRIVERS\SFFP_SD.SYS
[Services detected by Partizan] :HKLM sfloppy=C:\WINDOWS\SYSTEM32\DRIVERS\SFLOPPY.SYS
[Services detected by Partizan] :HKLM SharedAccess=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM ShellHWDetection=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM sisagp=C:\WINDOWS\SYSTEM32\DRIVERS\SISAGP.SYS
[Services detected by Partizan] :HKLM SiSRaid2=C:\WINDOWS\SYSTEM32\DRIVERS\SISRAID2.SYS
[Services detected by Partizan] :HKLM SiSRaid4=C:\WINDOWS\SYSTEM32\DRIVERS\SISRAID4.SYS
[Services detected by Partizan] :HKLM slsvc=C:\WINDOWS\SYSTEM32\SLSVC.EXE
[Services detected by Partizan] :HKLM SLUINotify=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM Smb=C:\WINDOWS\SYSTEM32\DRIVERS\SMB.SYS
[Services detected by Partizan] :HKLM SMSvcHost 3.0.0.0
[Services detected by Partizan] :HKLM SMSvcHost 4.0.0.0
[Services detected by Partizan] :HKLM SNMPTRAP=C:\WINDOWS\SYSTEM32\SNMPTRAP.EXE
[Services detected by Partizan] :HKLM spldr=C:\WINDOWS\SYSTEM32\DRIVERS\SPLDR.SYS
[Services detected by Partizan] :HKLM Spooler=C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
[Services detected by Partizan] :HKLM srv=C:\WINDOWS\SYSTEM32\DRIVERS\SRV.SYS
[Services detected by Partizan] :HKLM srv2=C:\WINDOWS\SYSTEM32\DRIVERS\SRV2.SYS
[Services detected by Partizan] :HKLM srvnet=C:\WINDOWS\SYSTEM32\DRIVERS\SRVNET.SYS
[Services detected by Partizan] :HKLM SSDPSRV=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM SstpSvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM STacSV=C:\WINDOWS\SYSTEM32\STACSV.EXE
[Services detected by Partizan] :HKLM Steam Client Service=C:\PROGRAM FILES\COMMON FILES\STEAM\STEAMSERVICE.EXE
[Services detected by Partizan] :HKLM Stereo Service=C:\PROGRAM FILES\NVIDIA CORPORATION\3D VISION\NVSCPAPISVR.EXE
[Services detected by Partizan] :HKLM STHDA=C:\WINDOWS\SYSTEM32\DRIVERS\STWRT.SYS
[Services detected by Partizan] :HKLM stisvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM swenum=C:\WINDOWS\SYSTEM32\DRIVERS\SWENUM.SYS
[Services detected by Partizan] :HKLM swprv=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM Symc8xx=C:\WINDOWS\SYSTEM32\DRIVERS\SYMC8XX.SYS
[Services detected by Partizan] :HKLM Sym_hi=C:\WINDOWS\SYSTEM32\DRIVERS\SYM_HI.SYS
[Services detected by Partizan] :HKLM Sym_u3=C:\WINDOWS\SYSTEM32\DRIVERS\SYM_U3.SYS
[Services detected by Partizan] :HKLM SysMain=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM TabletInputService=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM TapiSrv=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM TBS=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM Tcpip=C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS
[Services detected by Partizan] :HKLM Tcpip6=C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS
[Services detected by Partizan] :HKLM tcpipreg=C:\WINDOWS\SYSTEM32\DRIVERS\TCPIPREG.SYS
[Services detected by Partizan] :HKLM TDPIPE=C:\WINDOWS\SYSTEM32\DRIVERS\TDPIPE.SYS
[Services detected by Partizan] :HKLM TDTCP=C:\WINDOWS\SYSTEM32\DRIVERS\TDTCP.SYS
[Services detected by Partizan] :HKLM tdx=C:\WINDOWS\SYSTEM32\DRIVERS\TDX.SYS
[Services detected by Partizan] :HKLM TermDD=C:\WINDOWS\SYSTEM32\DRIVERS\TERMDD.SYS
[Services detected by Partizan] :HKLM TermService=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM Themes=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM THREADORDER=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM TrkWks=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM TrustedInstaller=C:\WINDOWS\SERVICING\TRUSTEDINSTALLER.EXE
[Services detected by Partizan] :HKLM TSDDD
[Services detected by Partizan] :HKLM tssecsrv=C:\WINDOWS\SYSTEM32\DRIVERS\TSSECSRV.SYS
[Services detected by Partizan] :HKLM tunmp=C:\WINDOWS\SYSTEM32\DRIVERS\TUNMP.SYS
[Services detected by Partizan] :HKLM tunnel=C:\WINDOWS\SYSTEM32\DRIVERS\TUNNEL.SYS
[Services detected by Partizan] :HKLM uagp35=C:\WINDOWS\SYSTEM32\DRIVERS\UAGP35.SYS
[Services detected by Partizan] :HKLM udfs=C:\WINDOWS\SYSTEM32\DRIVERS\UDFS.SYS
[Services detected by Partizan] :HKLM UGatherer
[Services detected by Partizan] :HKLM UGTHRSVC
[Services detected by Partizan] :HKLM UI0Detect=C:\WINDOWS\SYSTEM32\UI0DETECT.EXE
[Services detected by Partizan] :HKLM uliagpkx=C:\WINDOWS\SYSTEM32\DRIVERS\ULIAGPKX.SYS
[Services detected by Partizan] :HKLM uliahci=C:\WINDOWS\SYSTEM32\DRIVERS\ULIAHCI.SYS
[Services detected by Partizan] :HKLM UlSata=C:\WINDOWS\SYSTEM32\DRIVERS\ULSATA.SYS
[Services detected by Partizan] :HKLM ulsata2=C:\WINDOWS\SYSTEM32\DRIVERS\ULSATA2.SYS
[Services detected by Partizan] :HKLM umbus=C:\WINDOWS\SYSTEM32\DRIVERS\UMBUS.SYS
[Services detected by Partizan] :HKLM upnphost=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM usb
[Services detected by Partizan] :HKLM usbccgp=C:\WINDOWS\SYSTEM32\DRIVERS\USBCCGP.SYS
[Services detected by Partizan] :HKLM usbcir=C:\WINDOWS\SYSTEM32\DRIVERS\USBCIR.SYS
[Services detected by Partizan] :HKLM usbehci=C:\WINDOWS\SYSTEM32\DRIVERS\USBEHCI.SYS
[Services detected by Partizan] :HKLM usbhub=C:\WINDOWS\SYSTEM32\DRIVERS\USBHUB.SYS
[Services detected by Partizan] :HKLM usbohci=C:\WINDOWS\SYSTEM32\DRIVERS\USBOHCI.SYS
[Services detected by Partizan] :HKLM usbprint=C:\WINDOWS\SYSTEM32\DRIVERS\USBPRINT.SYS
[Services detected by Partizan] :HKLM USBSTOR=C:\WINDOWS\SYSTEM32\DRIVERS\USBSTOR.SYS
[Services detected by Partizan] :HKLM usbuhci=C:\WINDOWS\SYSTEM32\DRIVERS\USBUHCI.SYS
[Services detected by Partizan] :HKLM UxSms=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM vds=C:\WINDOWS\SYSTEM32\VDS.EXE
[Services detected by Partizan] :HKLM vga=C:\WINDOWS\SYSTEM32\DRIVERS\VGA.SYS
[Services detected by Partizan] :HKLM VgaSave=C:\WINDOWS\SYSTEM32\DRIVERS\VGA.SYS
[Services detected by Partizan] :HKLM viaagp=C:\WINDOWS\SYSTEM32\DRIVERS\VIAAGP.SYS
[Services detected by Partizan] :HKLM ViaC7=C:\WINDOWS\SYSTEM32\DRIVERS\VIAC7.SYS
[Services detected by Partizan] :HKLM viaide=C:\WINDOWS\SYSTEM32\DRIVERS\VIAIDE.SYS
[Services detected by Partizan] :HKLM volmgr=C:\WINDOWS\SYSTEM32\DRIVERS\VOLMGR.SYS
[Services detected by Partizan] :HKLM volmgrx=C:\WINDOWS\SYSTEM32\DRIVERS\VOLMGRX.SYS
[Services detected by Partizan] :HKLM volsnap=C:\WINDOWS\SYSTEM32\DRIVERS\VOLSNAP.SYS
[Services detected by Partizan] :HKLM vsmraid=C:\WINDOWS\SYSTEM32\DRIVERS\VSMRAID.SYS
[Services detected by Partizan] :HKLM VSS=C:\WINDOWS\SYSTEM32\VSSVC.EXE
[Services detected by Partizan] :HKLM VSTHWBS2=C:\WINDOWS\SYSTEM32\DRIVERS\VSTBS23.SYS
[Services detected by Partizan] :HKLM VST_DPV=C:\WINDOWS\SYSTEM32\DRIVERS\VSTDPV3.SYS
[Services detected by Partizan] :HKLM W32Time=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM W3SVC
[Services detected by Partizan] :HKLM WacomPen=C:\WINDOWS\SYSTEM32\DRIVERS\WACOMPEN.SYS
[Services detected by Partizan] :HKLM Wanarp=C:\WINDOWS\SYSTEM32\DRIVERS\WANARP.SYS
[Services detected by Partizan] :HKLM Wanarpv6=C:\WINDOWS\SYSTEM32\DRIVERS\WANARP.SYS
[Services detected by Partizan] :HKLM wcncsvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM WcsPlugInService=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM Wd=C:\WINDOWS\SYSTEM32\DRIVERS\WD.SYS
[Services detected by Partizan] :HKLM Wdf01000=C:\WINDOWS\SYSTEM32\DRIVERS\WDF01000.SYS
[Services detected by Partizan] :HKLM WdiServiceHost=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM WdiSystemHost=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM WebClient=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM Wecsvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM wercplsupport=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM WerSvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM winachsf=C:\WINDOWS\SYSTEM32\DRIVERS\VSTCNXT3.SYS
[Services detected by Partizan] :HKLM WinDefend=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM Windows Workflow Foundation 3.0.0.0
[Services detected by Partizan] :HKLM WinHttpAutoProxySvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM Winmgmt=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM WinRM=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM Winsock
[Services detected by Partizan] :HKLM WinSock2
[Services detected by Partizan] :HKLM WinUsb=C:\WINDOWS\SYSTEM32\DRIVERS\WINUSB.SYS
[Services detected by Partizan] :HKLM Wlansvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM WmiAcpi=C:\WINDOWS\SYSTEM32\DRIVERS\WMIACPI.SYS
[Services detected by Partizan] :HKLM WmiApRpl
[Services detected by Partizan] :HKLM wmiApSrv=C:\WINDOWS\SYSTEM32\WBEM\WMIAPSRV.EXE
[Services detected by Partizan] :HKLM WMPNetworkSvc=C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNETWK.EXE
[Services detected by Partizan] :HKLM WPCSvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM WPDBusEnum=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM WPFFontCache_v0400=C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V4.0.30319\WPF\WPFFONTCACHE_V0400.EXE
[Services detected by Partizan] :HKLM ws2ifsl=C:\WINDOWS\SYSTEM32\DRIVERS\WS2IFSL.SYS
[Services detected by Partizan] :HKLM wscsvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM WSearch=C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE
[Services detected by Partizan] :HKLM WSearchIdxPi
[Services detected by Partizan] :HKLM wuauserv=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM WUDFRd=C:\WINDOWS\SYSTEM32\DRIVERS\WUDFRD.SYS
[Services detected by Partizan] :HKLM wudfsvc=C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[Services detected by Partizan] :HKLM xmlprov
[Services detected by Partizan] :HKLM {07171AC2-0D2A-427d-BCE5-B6C2D6C7058B}
[Services detected by Partizan] :HKLM {D38FC0F2-8E84-40B6-8A2E-CC5EA5127C67}
[Codecs] :HKLM vidc.mrle=C:\Windows\system32\MSRLE32.DLL
[Codecs] :HKLM vidc.msvc=C:\Windows\system32\MSVIDC32.DLL
[Codecs] :HKLM msacm.imaadpcm=C:\Windows\system32\IMAADP32.ACM
[Codecs] :HKLM msacm.msg711=C:\Windows\system32\MSG711.ACM
[Codecs] :HKLM msacm.msgsm610=C:\Windows\system32\MSGSM32.ACM
[Codecs] :HKLM msacm.msadpcm=C:\Windows\system32\MSADP32.ACM
[Codecs] :HKLM midimapper=C:\Windows\system32\MIDIMAP.DLL
[Codecs] :HKLM wavemapper=C:\Windows\system32\MSACM32.DRV
[Codecs] :HKLM vidc.uyvy=C:\Windows\system32\MSYUV.DLL
[Codecs] :HKLM vidc.yuy2=C:\Windows\system32\MSYUV.DLL
[Codecs] :HKLM vidc.yvyu=C:\Windows\system32\MSYUV.DLL
[Codecs] :HKLM vidc.iyuv=C:\Windows\system32\IYUV_32.DLL
[Codecs] :HKLM vidc.i420=C:\Windows\system32\IYUV_32.DLL
[Codecs] :HKLM vidc.yvu9=C:\Windows\system32\TSBYUV.DLL
[Codecs] :HKLM msacm.l3acm=C:\WINDOWS\SYSTEM32\L3CODECA.ACM
[Codecs] :HKLM vidc.cvid=C:\Windows\system32\ICCVID.DLL
[Codecs] :HKLM wave=C:\Windows\system32\WDMAUD.DRV
[Codecs] :HKLM midi=C:\Windows\system32\WDMAUD.DRV
[Codecs] :HKLM mixer=C:\Windows\system32\WDMAUD.DRV
[Codecs] :HKLM msacm.voxacm160=C:\Windows\system32\VCT3216.ACM
[Codecs] :HKLM msacm.scg726=C:\Windows\system32\SCG726.ACM
[Codecs] :HKLM msacm.alf2cd=C:\Windows\system32\ALF2CD.ACM
[Codecs] :HKLM msacm.ac3acm=C:\Windows\system32\AC3ACM.ACM
[Codecs] :HKLM vidc.dvsd=C:\Windows\system32\MCDVD_32.DLL
[Codecs] :HKLM vidc.xvid=C:\Windows\system32\XVIDVFW.DLL
[Codecs] :HKLM vidc.mpg4=C:\Windows\system32\MPG4C32.DLL
[Codecs] :HKLM vidc.mp42=C:\Windows\system32\MPG4C32.DLL
[Codecs] :HKLM vidc.mp43=C:\Windows\system32\MPG4C32.DLL
[Codecs] :HKLM vidc.DIVX=C:\Windows\system32\DIVX.DLL
[Codecs] :HKLM vidc.yv12=C:\Windows\system32\DIVX.DLL
[Codecs] :HKLM wave1=C:\Windows\system32\WDMAUD.DRV
[Codecs] :HKLM midi1=C:\Windows\system32\WDMAUD.DRV
[Codecs] :HKLM mixer1=C:\Windows\system32\WDMAUD.DRV
[Codecs] :HKLM wave2=C:\Windows\system32\WDMAUD.DRV
[Codecs] :HKLM midi2=C:\Windows\system32\WDMAUD.DRV
[Codecs] :HKLM mixer2=C:\Windows\system32\WDMAUD.DRV
[Codecs] :HKLM wave3=C:\Windows\system32\WDMAUD.DRV
[Codecs] :HKLM midi3=C:\Windows\system32\WDMAUD.DRV
[Codecs] :HKLM mixer3=C:\Windows\system32\WDMAUD.DRV
[Codecs] :HKLM wave4=C:\Windows\system32\WDMAUD.DRV
[Codecs] :HKLM midi4=C:\Windows\system32\WDMAUD.DRV
[Codecs] :HKLM mixer4=C:\Windows\system32\WDMAUD.DRV
[Auto Start Apps]
[Registry Run] :HKCU Sidebar=C:\PROGRAM FILES\WINDOWS SIDEBAR\SIDEBAR.EXE
[Registry Run] :HKCU Steam=C:\PROGRAM FILES\STEAM\STEAM.EXE
[Registry Run] :HKCU WMPNSCFG=C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNSCFG.EXE
[Registry Run] :HKLM StartCCC=C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CLISTART.EXE
[Registry Run] :HKLM SigmatelSysTrayApp=C:\PROGRAM FILES\SIGMATEL\C-MAJOR AUDIO\WDM\STTRAY.EXE
[Registry Run] :HKLM AVG_TRAY=C:\PROGRAM FILES\AVG\AVG2012\AVGTRAY.EXE
[Registry Run] :HKLM SunJavaUpdateSched=C:\PROGRAM FILES\COMMON FILES\JAVA\JAVA UPDATE\JUSCHED.EXE
[Registry Run] :HKLM Adobe ARM=C:\PROGRAM FILES\COMMON FILES\ADOBE\ARM\1.0\ADOBEARM.EXE
[Registry Run] :HKLM Razer Anansi Driver=C:\PROGRAM FILES\RAZER\ANANSI\RAZERANANSISYSTRAY.EXE
[Registry Run] :HKLM Malwarebytes' Anti-Malware=C:\PROGRAM FILES\MALWAREBYTES' ANTI-MALWARE\MBAMGUI.EXE
[Registry Run] :HKLM DivXUpdate=C:\PROGRAM FILES\DIVX\DIVX UPDATE\DIVXUPDATE.EXE
[Registry Run] :HKLM PivotSoftware=C:\PROGRAM FILES\PORTRAIT DISPLAYS\PIVOT PRO PLUGIN\PIVOT_STARTUP.EXE
[Registry Run] :HKLM DT ACR=C:\PROGRAM FILES\COMMON FILES\PORTRAIT DISPLAYS\SHARED\DT_STARTUP.EXE
[Registry RunOnceEx] :HKLM @UnHackMe=C:\PROGRA~1\UnHackMe\Unhackme.exe /p Partizan
[Win.ini] load=""
[Win.ini] run=""
[Startup Folder] OpenOffice.org 3.3.lnk=C:\PROGRAM FILES\OPENOFFICE.ORG 3\PROGRAM\QUICKSTART.EXE
[Scheduled Tasks] GoogleUpdateTaskUserS-1-5-21-2145506375-2984372104-633398988-1000UA=C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\UPDATE\GOOGLEUPDATE.EXE
[Scheduled Tasks] GoogleUpdateTaskUserS-1-5-21-2145506375-2984372104-633398988-1000Core=C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\UPDATE\GOOGLEUPDATE.EXE
[In memory]
[Running Processes] C:\WINDOWS\SYSTEM32\DWM.EXE
[Running Processes] C:\WINDOWS\SYSTEM32\TASKENG.EXE
[Running Processes] C:\WINDOWS\SYSTEM32\TASKENG.EXE
[Running Processes] C:\PROGRAM FILES\UNHACKME\HACKMON.EXE
[Running Processes] C:\PROGRAM FILES\SIGMATEL\C-MAJOR AUDIO\WDM\STTRAY.EXE
[Running Processes] C:\PROGRAM FILES\AVG\AVG2012\AVGTRAY.EXE
[Running Processes] C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE
[Running Processes] C:\PROGRAM FILES\COMMON FILES\JAVA\JAVA UPDATE\JUSCHED.EXE
[Running Processes] C:\PROGRAM FILES\DIVX\DIVX UPDATE\DIVXUPDATE.EXE
[Running Processes] C:\PROGRAM FILES\WINDOWS SIDEBAR\SIDEBAR.EXE
[Running Processes] C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNSCFG.EXE
[Running Processes] C:\PROGRAM FILES\OPENOFFICE.ORG 3\PROGRAM\SOFFICE.EXE
[Running Processes] C:\PROGRAM FILES\ACER DISPLAY\EDISPLAY MANAGEMENT\DTHTML.EXE
[Running Processes] C:\PROGRAM FILES\OPENOFFICE.ORG 3\PROGRAM\SOFFICE.BIN
[Running Processes] C:\PROGRAM FILES\COMMON FILES\PORTRAIT DISPLAYS\SHARED\HOOKMANAGER.EXE
[Running Processes] C:\PROGRAM FILES\NVIDIA CORPORATION\DISPLAY\NVTRAY.EXE
[Running Processes] C:\PROGRAM FILES\PORTRAIT DISPLAYS\PIVOT PRO PLUGIN\WPCTRL.EXE
[Running Processes] C:\PROGRAM FILES\PORTRAIT DISPLAYS\PIVOT PRO PLUGIN\FLOATER.EXE
[Running Processes] C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE
[Running Processes] C:\WINDOWS\SYSTEM32\NOTEPAD.EXE
[Running Processes] C:\PROGRAM FILES\AVG\AVG2012\AVGCFGEX.EXE
[Running Processes] C:\WINDOWS\EXPLORER.EXE
[Running Processes] C:\PROGRAM FILES\UNHACKME\UNHACKME.EXE
[Running Processes] C:\PROGRAM FILES\UNHACKME\REANIMATOR.EXE
[Running Processes] C:\WINDOWS\SYSTEM32\SEARCHFILTERHOST.EXE
[Loaded DLLs] C:\Windows\system32\query.dll
[Loaded DLLs] C:\Windows\system32\MSSHooks.dll
[Loaded DLLs] C:\Windows\system32\TQUERY.DLL
[Loaded DLLs] C:\Windows\System32\mstask.dll
[Loaded DLLs] C:\Windows\system32\cryptnet.dll
[Loaded DLLs] C:\Windows\system32\RICHED20.dll
[Loaded DLLs] C:\Windows\system32\RICHED32.DLL
[Loaded DLLs] C:\Windows\system32\olepro32.dll
[Loaded DLLs] C:\Program Files\AVG\AVG2012\avgse.dll
[Loaded DLLs] C:\Windows\system32\SYNCENG.dll
[Loaded DLLs] C:\Windows\system32\syncui.dll
[Loaded DLLs] c:\Program Files\Corel\Corel PaintShop Pro X4\PSPContextMenu.dll
[Loaded DLLs] C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
[Loaded DLLs] C:\Windows\System32\EhStorAPI.dll
[Loaded DLLs] C:\Windows\System32\NLSLexicons0009.dll
[Loaded DLLs] C:\Windows\System32\NLSData0009.dll
[Loaded DLLs] C:\Program Files\AVG\AVG2012\avgxpl.dll
[Loaded DLLs] C:\Program Files\AVG\AVG2012\avgopensslx.dll
[Loaded DLLs] C:\Windows\system32\bthprops.cpl
[Loaded DLLs] C:\Windows\system32\WSCAPI.dll
[Loaded DLLs] C:\Windows\system32\wscntfy.dll
[Loaded DLLs] C:\Windows\System32\SyncCenter.dll
[Loaded DLLs] C:\Windows\system32\mssprxy.dll
[Loaded DLLs] C:\Windows\System32\srchadmin.dll
[Loaded DLLs] C:\Windows\system32\wpdshserviceobj.dll
[Loaded DLLs] C:\Windows\System32\AltTab.dll
[Loaded DLLs] C:\Windows\System32\npmproxy.dll
[Loaded DLLs] C:\Windows\system32\fdproxy.dll
[Loaded DLLs] C:\Windows\system32\FunDisc.dll
[Loaded DLLs] C:\Windows\system32\pnidui.dll
[Loaded DLLs] C:\Windows\System32\netshell.dll
[Loaded DLLs] C:\Windows\system32\FirewallAPI.dll
[Loaded DLLs] C:\Windows\system32\HID.DLL
[Loaded DLLs] C:\Windows\ehome\ehSSO.dll
[Loaded DLLs] C:\Windows\System32\SndVolSSO.dll
[Loaded DLLs] C:\Windows\system32\es.dll
[Loaded DLLs] C:\Windows\system32\BatMeter.dll
[Loaded DLLs] C:\Windows\system32\stobject.dll
[Loaded DLLs] C:\Windows\system32\ExplorerFrame.dll
[Loaded DLLs] C:\Windows\system32\NetworkExplorer.dll
[Loaded DLLs] C:\Windows\system32\cscapi.dll
[Loaded DLLs] C:\Windows\system32\ntshrui.dll
[Loaded DLLs] C:\Windows\system32\msi.dll
[Loaded DLLs] C:\Windows\system32\msiltcfg.dll
[Loaded DLLs] C:\Windows\system32\authui.dll
[Loaded DLLs] C:\Windows\System32\NaturalLanguage6.dll
[Loaded DLLs] C:\Windows\System32\msshsq.dll
[Loaded DLLs] C:\Windows\System32\shacct.dll
[Loaded DLLs] C:\Windows\system32\WINBRAND.dll
[Loaded DLLs] C:\Windows\system32\ACTXPRXY.DLL
[Loaded DLLs] C:\Windows\system32\timedate.cpl
[Loaded DLLs] C:\Windows\system32\IconCodecService.dll
[Loaded DLLs] C:\Windows\system32\EhStorShell.dll
[Loaded DLLs] C:\Windows\system32\BROWSEUI.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.2861.40095__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.2861.40094__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2861.39825__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2861.39865__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2861.40076__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2820.26382__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2861.39817__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2820.26376__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2861.39811__90ba9c70f846762e\CLI.Component.Dashboard.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2820.26387__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2820.26396__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2861.39858__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2861.39845__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2861.40018__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2861.40070__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2820.26383__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2861.40096__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2861.39837__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2820.26394__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2820.26375__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2820.26371__90ba9c70f846762e\CLI.Component.Client.Shared.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2861.39832__90ba9c70f846762e\CLI.Component.Wizard.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2861.40053__90ba9c70f846762e\CLI.Component.Systemtray.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2820.26375__90ba9c70f846762e\APM.Foundation.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2861.39793__90ba9c70f846762e\APM.Server.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2820.26383__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2861.39824__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2861.39795__90ba9c70f846762e\ATIDEMOS.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2820.26385__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2820.26381__90ba9c70f846762e\DEM.OS.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2820.26382__90ba9c70f846762e\DEM.OS.I0602.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2861.39803__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2820.26372__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2820.26371__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.2861.40094__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.2861.40095__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
[Loaded DLLs] C:\Windows\system32\atipdlxx.dll
[Loaded DLLs] C:\Windows\system32\cfgmgr32.dll
[Loaded DLLs] C:\Windows\system32\wbem\fastprox.dll
[Loaded DLLs] C:\Windows\system32\wbem\wbemsvc.dll
[Loaded DLLs] C:\Windows\system32\wbem\wbemprox.dll
[Loaded DLLs] C:\Windows\system32\wbemcomn.dll
[Loaded DLLs] C:\Windows\system32\wbem\wmiutils.dll
[Loaded DLLs] C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
[Loaded DLLs] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
[Loaded DLLs] C:\Windows\system32\ATIDEMGX.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2820.26382__90ba9c70f846762e\DEM.Graphics.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2820.26371__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2820.26386__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2861.40086__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2820.26372__90ba9c70f846762e\AEM.Server.Shared.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2820.26376__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2820.26370__90ba9c70f846762e\AEM.Foundation.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2861.39795__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\CLI.Foundation.Private.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2861.39795__90ba9c70f846762e\CLI.Component.Runtime.dll
[Loaded DLLs] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2820.26409__90ba9c70f846762e\CLI.Foundation.XManifest.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2820.26370__90ba9c70f846762e\CLI.Foundation.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2861.40061__90ba9c70f846762e\CCC.Implementation.dll
[Loaded DLLs] C:\Program Files\Portrait Displays\Pivot Pro Plugin\ijl15.dll
[Loaded DLLs] C:\Program Files\NVIDIA Corporation\Update Common\NVUPDTR.DLL
[Loaded DLLs] C:\Program Files\NVIDIA Corporation\Update Common\easyDaemonAPIU.DLL
[Loaded DLLs] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
[Loaded DLLs] C:\Program Files\NVIDIA Corporation\Display\NvUI.dll
[Loaded DLLs] C:\Program Files\Common Files\Portrait Displays\Shared\dthook.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\emsermi.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\oleautobridge.uno.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\oooimprovementmi.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\icuin40.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\i18npool.uno.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\ucpfile1.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\fwkmi.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\ucb1.dll
[Loaded DLLs] C:\Windows\system32\wer.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\URE\bin\stocservices.uno.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\localebe1.uno.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\configmgr.uno.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\URE\bin\store3.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\URE\bin\reg3.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\URE\bin\bootstrap.uno.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\URE\bin\msci_uno.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\saxmi.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\sbmi.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\libxml2.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\URE\bin\jvmfwk3.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\svlmi.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\icudt40.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\icuuc40.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\i18nutilMSC.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\i18npapermi.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\sotmi.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\vclmi.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\tkmi.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\svtmi.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\fwimi.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\fwemi.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\sfxmi.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\xcrmi.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\utlmi.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\i18nisolang1MSC.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\basegfxmi.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\tlmi.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\libdb47.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\deploymentmiscmi.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\vos3MSC.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\ucbhelper4MSC.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\URE\bin\stlport_vc7145.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\URE\bin\cppu3.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\URE\bin\salhelper3MSC.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\comphelp4MSC.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\program\sofficeapp.dll
[Loaded DLLs] C:\Windows\system32\WSOCK32.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\URE\bin\uwinapi.dll
[Loaded DLLs] C:\Program Files\OpenOffice.org 3\URE\bin\sal3.dll
[Loaded DLLs] C:\Windows\system32\LINKINFO.dll
[Loaded DLLs] C:\Windows\system32\dxva2.dll
[Loaded DLLs] C:\Program Files\Common Files\Portrait Displays\Drivers\vista.dll
[Loaded DLLs] C:\Program Files\Common Files\Portrait Displays\Drivers\smsc.dll
[Loaded DLLs] C:\Program Files\Common Files\Portrait Displays\Drivers\null.dll
[Loaded DLLs] C:\Program Files\Common Files\Portrait Displays\Plugins\CC\gui.dll
[Loaded DLLs] C:\Program Files\Common Files\Portrait Displays\Plugins\CC\colorcal.dll
[Loaded DLLs] C:\Program Files\Common Files\Portrait Displays\Drivers\WrapI2C.dll
[Loaded DLLs] C:\Program Files\Common Files\Portrait Displays\Shared\PresetsCOM.dll
[Loaded DLLs] C:\Windows\system32\MSVCP70.dll
[Loaded DLLs] C:\Windows\system32\MSVCR70.dll
[Loaded DLLs] C:\Windows\system32\MFC70.DLL
[Loaded DLLs] C:\Windows\ijl15.dll
[Loaded DLLs] C:\Program Files\Windows Media Player\wmpnssci.dll
[Loaded DLLs] C:\Windows\system32\msfeeds.dll
[Loaded DLLs] C:\Windows\system32\d3d10core.dll
[Loaded DLLs] C:\Windows\system32\d3d10.dll
[Loaded DLLs] C:\Windows\System32\shdocvw.dll
[Loaded DLLs] C:\Windows\system32\thumbcache.dll
[Loaded DLLs] C:\Windows\system32\Dxtmsft.dll
[Loaded DLLs] C:\Windows\system32\DCIMAN32.dll
[Loaded DLLs] C:\Windows\system32\DDRAW.dll
[Loaded DLLs] C:\Windows\system32\ddrawex.dll
[Loaded DLLs] C:\Windows\system32\Dxtrans.dll
[Loaded DLLs] C:\Windows\system32\icm32.dll
[Loaded DLLs] C:\Windows\system32\WINSPOOL.DRV
[Loaded DLLs] C:\Windows\system32\mscms.dll
[Loaded DLLs] C:\Windows\system32\windowscodecs.dll
[Loaded DLLs] C:\Windows\system32\msls31.dll
[Loaded DLLs] C:\Program Files\Windows Sidebar\wlsrvc.dll
[Loaded DLLs] C:\Windows\system32\D3D10Warp.dll
[Loaded DLLs] C:\Windows\system32\d3d10_1core.dll
[Loaded DLLs] C:\Windows\system32\d3d10_1.dll
[Loaded DLLs] C:\Windows\system32\dxgi.dll
[Loaded DLLs] C:\Windows\system32\DWrite.dll
[Loaded DLLs] C:\Windows\system32\d2d1.dll
[Loaded DLLs] C:\Windows\System32\jscript9.dll
[Loaded DLLs] C:\Windows\system32\msimtf.dll
[Loaded DLLs] C:\Windows\system32\MLANG.dll
[Loaded DLLs] C:\Windows\system32\mshtml.dll
[Loaded DLLs] C:\Windows\System32\msxml3.dll
[Loaded DLLs] C:\Windows\system32\CRYPTUI.dll
[Loaded DLLs] C:\Windows\system32\sfc_os.DLL
[Loaded DLLs] C:\Windows\system32\sfc.dll
[Loaded DLLs] C:\Windows\System32\winrnr.dll
[Loaded DLLs] C:\Windows\system32\pnrpnsp.dll
[Loaded DLLs] C:\Windows\system32\napinsp.dll
[Loaded DLLs] C:\Windows\System32\wship6.dll
[Loaded DLLs] C:\Windows\system32\rasadhlp.dll
[Loaded DLLs] C:\Windows\system32\NLAapi.dll
[Loaded DLLs] C:\Windows\system32\schannel.dll
[Loaded DLLs] C:\Windows\system32\credssp.dll
[Loaded DLLs] C:\Windows\System32\wshtcpip.dll
[Loaded DLLs] C:\Windows\system32\mswsock.dll
[Loaded DLLs] C:\Windows\system32\sensapi.dll
[Loaded DLLs] C:\Windows\system32\rtutils.dll
[Loaded DLLs] C:\Windows\system32\TAPI32.dll
[Loaded DLLs] C:\Windows\system32\rasman.dll
[Loaded DLLs] C:\Windows\system32\RASAPI32.dll
[Loaded DLLs] C:\Windows\system32\dhcpcsvc6.DLL
[Loaded DLLs] C:\Windows\system32\WINNSI.DLL
[Loaded DLLs] C:\Windows\system32\dhcpcsvc.DLL
[Loaded DLLs] C:\Windows\system32\iphlpapi.dll
[Loaded DLLs] C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
[Loaded DLLs] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCP80.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2820.26370__90ba9c70f846762e\NEWAEM.Foundation.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2861.39794__90ba9c70f846762e\AEM.Server.dll
[Loaded DLLs] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef684a2ee2f7276eec3973a0654d2bd4\System.Web.ni.dll
[Loaded DLLs] C:\Windows\system32\ieframe.dll
[Loaded DLLs] C:\Windows\system32\shfolder.dll
[Loaded DLLs] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2820.26376__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2820.26375__90ba9c70f846762e\MOM.Foundation.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2861.40060__90ba9c70f846762e\LOG.Foundation.Implementation.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\LOG.Foundation.Private.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2820.26369__90ba9c70f846762e\LOG.Foundation.dll
[Loaded DLLs] C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2861.40061__90ba9c70f846762e\MOM.Implementation.dll
[Loaded DLLs] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4d54640bacd18e047a4573cb4611bd3\System.Windows.Forms.ni.dll
[Loaded DLLs] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5d8696f15e49aedf883dd945806a7049\System.Drawing.ni.dll
[Loaded DLLs] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
[Loaded DLLs] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
[Loaded DLLs] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
[Loaded DLLs] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
[Loaded DLLs] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
[Loaded DLLs] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
[Loaded DLLs] C:\Windows\system32\mscoree.dll
[Loaded DLLs] C:\Windows\system32\SXS.DLL
[Loaded DLLs] C:\Windows\system32\jscript.dll
[Loaded DLLs] C:\Windows\system32\msscript.ocx
[Loaded DLLs] C:\Program Files\AVG\AVG2012\avgdecider.dll
[Loaded DLLs] C:\Program Files\AVG\AVG2012\avgsrmx.dll
[Loaded DLLs] C:\Program Files\AVG\AVG2012\avgidpmx.dll
[Loaded DLLs] C:\Program Files\AVG\AVG2012\avguires.dll
[Loaded DLLs] C:\Program Files\AVG\AVG2012\avgidpsdkx.dll
[Loaded DLLs] C:\Program Files\AVG\AVG2012\avglngx.dll
[Loaded DLLs] C:\Program Files\AVG\AVG2012\avgcfgx.dll
[Loaded DLLs] C:\Program Files\AVG\AVG2012\avglogx.dll
[Loaded DLLs] C:\Windows\WinSxS\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
[07C186427EB8FCC3D8D7927187F260F7][6 106600 ]C:\WINDOWS\SYSTEM32\DRIVERS\NV_AGP.SYS
[8A3C4E55C8E24D1D12AF4142D50939FC][1 12392 ]C:\WINDOWS\SYSTEM32\DRIVERS\NVBRIDGE.KMD
[3D7FB57354703809B5F0C23287FAC1D6][1 148800 ]C:\WINDOWS\SYSTEM32\DRIVERS\NVHDA32V.SYS
[E891B3979F0CF2740C1B073F834221FE][1 10819392 3D6FBA5D73392AD050F0A85993155A2E5A338EF6 ]C:\WINDOWS\SYSTEM32\DRIVERS\NVLDDMKM.SYS
[6F785DB62A6D8F3FAFD3E5695277E849][1 86096 ]C:\WINDOWS\SYSTEM32\DRIVERS\NVRAID.SYS
[4A5FCAB82D9BF6AF8A023A66802FE9E9][1 35920 ]C:\WINDOWS\SYSTEM32\DRIVERS\NVSTOR.SYS
[85C44FDFF9CF7E72A40DCB7EC06A4416][1 148480 ]C:\WINDOWS\SYSTEM32\DRIVERS\NWIFI.SYS
[ -2][0 -1 ]C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFLT.SYS
[ -2][0 -1 ]C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFWD.SYS
[6F310E890D46E246E0E261A63D9B36B4][1 62208 ]C:\WINDOWS\SYSTEM32\DRIVERS\OHCI1394.SYS
[99514FAA8DF93D34B5589187DB3AA0BA][1 72192 ]C:\WINDOWS\SYSTEM32\DRIVERS\PACER.SYS
[0FA9B5055484649D63C303FE404E5F4D][6 79360 ]C:\WINDOWS\SYSTEM32\DRIVERS\PARPORT.SYS
[6DDCF3F801EC15FE698F6A215CF30A1F][1 35816 ]C:\WINDOWS\SYSTEM32\DRIVERS\PARTIZAN.SYS
[B9C2B89F08670E159F7181891E449CD9][1 53120 B6F5C8DE8AD5BA6AE9508A751A3DFECBA95EB493 ]C:\WINDOWS\SYSTEM32\DRIVERS\PARTMGR.SYS
[4F9A6A8A31413180D0FCB279AD5D8112][6 8704 ]C:\WINDOWS\SYSTEM32\DRIVERS\PARVDM.SYS
[941DC1D19E7E8620F40BBC206981EFDB][1 149480 ]C:\WINDOWS\SYSTEM32\DRIVERS\PCI.SYS
[1636D43F10416AEB483BC6001097B26C][1 14312 ]C:\WINDOWS\SYSTEM32\DRIVERS\PCIIDE.SYS
[6429D10C5D149AC9EB2D95052A390CFF][1 43496 ]C:\WINDOWS\SYSTEM32\DRIVERS\PCIIDEX.SYS
[E6F3FB1B86AA519E7698AD05E58B04E5][6 167528 ]C:\WINDOWS\SYSTEM32\DRIVERS\PCMCIA.SYS
[089CA80CE0766B031164714B51DF99BB][1 17136 CF1EB4EB0D65546CCECAFF1A108A161C4139A2DD ]C:\WINDOWS\SYSTEM32\DRIVERS\PDIPORTS.SYS
[6349F6ED9C623B44B52EA3C63C831A92][6 878080 ]C:\WINDOWS\SYSTEM32\DRIVERS\PEAUTH.SYS
[218286724EC530FF252648369E05B090][1 167936 ]C:\WINDOWS\SYSTEM32\DRIVERS\PORTCLS.SYS
[0E3CEF5D28B40CF273281D620C50700A][6 38400 ]C:\WINDOWS\SYSTEM32\DRIVERS\PROCESSR.SYS
[ -2][0 -1 ]C:\WINDOWS\SYSTEM32\DRIVERS\PROCEXP113.SYS
[CCDAC889326317792480C0A67156A1EC][6 900712 ]C:\WINDOWS\SYSTEM32\DRIVERS\QL2300.SYS
[81A7E5C076E59995D54BC1ED3A16E60B][6 106088 ]C:\WINDOWS\SYSTEM32\DRIVERS\QL40XX.SYS
[9F5E0E1926014D17486901C88ECA2DB7][6 31232 ]C:\WINDOWS\SYSTEM32\DRIVERS\QWAVEDRV.SYS
[147D7F9C556D259924351FEB0DE606C3][6 11776 ]C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS
[A214ADBAF4CB47DD2728859EF31F26B0][6 76288 ]C:\WINDOWS\SYSTEM32\DRIVERS\RASL2TP.SYS
[509A98DD18AF4375E1FC40BC175F1DEF][1 41472 ]C:\WINDOWS\SYSTEM32\DRIVERS\RASPPPOE.SYS
[ECFFFAEC0C1ECD8DBC77F39070EA1DB1][6 62976 ]C:\WINDOWS\SYSTEM32\DRIVERS\RASPPTP.SYS
[2005F4A1E05FA09389AC85840F0A9E4D][1 69120 ]C:\WINDOWS\SYSTEM32\DRIVERS\RASSSTP.SYS
[B14C9D5B9ADD2F84F70570BBBFAA7935][1 225280 ]C:\WINDOWS\SYSTEM32\DRIVERS\RDBSS.SYS
[89E59BE9A564262A3FB6C4F4F1CD9899][6 6144 ]C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS
[E8BD98D46F2ED77132BA927FCCB47D8B][6 242688 ]C:\WINDOWS\SYSTEM32\DRIVERS\RDPDR.SYS
[9D91FE5286F748862ECFFA05F8A0710C][6 6144 ]C:\WINDOWS\SYSTEM32\DRIVERS\RDPENCDD.SYS
[79C6DF8477250F5C54F7C5AE1D6B814E][1 180736 ]C:\WINDOWS\SYSTEM32\DRIVERS\RDPWD.SYS
[EEC7EE5675294B03E88AA868540007C1][1 113664 ]C:\WINDOWS\SYSTEM32\DRIVERS\rmcast.sys
[D9225D107E40D0FA5C5069446759C8E9][1 33280 ]C:\WINDOWS\SYSTEM32\DRIVERS\RNDISMP.sys
[75E8A6BFA7374ABA833AE92BF41AE4E6][6 8192 ]C:\WINDOWS\SYSTEM32\DRIVERS\rootmdm.sys
[9C508F4074A39E8B4B31D27198146FAD][6 60416 ]C:\WINDOWS\SYSTEM32\DRIVERS\RSPNDR.SYS
[F68BDFAB9DC5E516AE38BB64116E6C52][1 135296 ]C:\WINDOWS\SYSTEM32\DRIVERS\RZSYNAPSE.SYS
[3CE8F073A557E172B330109436984E30][6 76392 ]C:\WINDOWS\SYSTEM32\DRIVERS\SBP2PORT.SYS
[6F5CA34AE885645ACF8A20D564DB976C][6 142904 ]C:\WINDOWS\SYSTEM32\DRIVERS\scsiport.sys
[90A3935D05B494A5A39D37E71F09A677][6 20480 ]C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS
[68E44E331D46F0FB38F0863A84CD1A31][6 17920 ]C:\WINDOWS\SYSTEM32\DRIVERS\SERENUM.SYS
[C70D69A918B178D3C3B06339B40C2E1B][6 83456 ]C:\WINDOWS\SYSTEM32\DRIVERS\SERIAL.SYS
[8AF3D28A879BF75DB53A0EE7A4289624][6 19968 ]C:\WINDOWS\SYSTEM32\DRIVERS\SERMOUSE.SYS
[103B79418DA647736EE95645F305F68A][6 13312 ]C:\WINDOWS\SYSTEM32\DRIVERS\SFFDISK.SYS
[8FD08A310645FE872EEEC6E08C6BF3EE][6 12800 ]C:\WINDOWS\SYSTEM32\DRIVERS\SFFP_MMC.SYS
[9CFA05FCFCB7124E69CFC812B72F9614][6 12800 ]C:\WINDOWS\SYSTEM32\DRIVERS\SFFP_SD.SYS
[46ED8E91793B2E6F848015445A0AC188][6 13312 ]C:\WINDOWS\SYSTEM32\DRIVERS\SFLOPPY.SYS
[D2A595D6EEBEEAF4334F8E50EFBC9931][6 53352 ]C:\WINDOWS\SYSTEM32\DRIVERS\SISAGP.SYS
[CEDD6F4E7D84E9F98B34B3FE988373AA][6 38504 ]C:\WINDOWS\SYSTEM32\DRIVERS\SISRAID2.SYS
[DF843C528C4F69D12CE41CE462E973A7][6 71784 ]C:\WINDOWS\SYSTEM32\DRIVERS\SISRAID4.SYS
[7B75299A4D201D6A6533603D6914AB04][1 66560 ]C:\WINDOWS\SYSTEM32\DRIVERS\SMB.SYS
[A7D7EA1771D2ED6F39A8063E79B6C3E8][6 17408 ]C:\WINDOWS\SYSTEM32\DRIVERS\smclib.sys
[7AEBDEEF071FE28B0EEF2CDD69102BFF][6 21048 ]C:\WINDOWS\SYSTEM32\DRIVERS\SPLDR.SYS
[A7F8BAD9590ADDC425B4003E94780DFA][1 684032 ]C:\WINDOWS\SYSTEM32\DRIVERS\SPSYS.SYS
[41987F9FC0E61ADF54F581E15029AD91][1 305152 ]C:\WINDOWS\SYSTEM32\DRIVERS\SRV.SYS
[FF33AFF99564B1AA534F58868CBE41EF][1 146432 ]C:\WINDOWS\SYSTEM32\DRIVERS\SRV2.SYS
[7605C0E1D01A08F3ECD743F38B834A44][1 102400 ]C:\WINDOWS\SYSTEM32\DRIVERS\SRVNET.SYS
[47E55AFE1ED1D5AFF09690DB226F4A7A][1 122344 ]C:\WINDOWS\SYSTEM32\DRIVERS\STORPORT.SYS
[70A92E46A2F459CDEDE3CA558CB26B6A][1 52992 ]C:\WINDOWS\SYSTEM32\DRIVERS\stream.sys
[167909A1C36AA3E8F2582962F0CCC748][1 326656 ]C:\WINDOWS\SYSTEM32\DRIVERS\STWRT.SYS
[7BA58ECF0C0A9A69D44B3DCA62BECF56][6 15288 ]C:\WINDOWS\SYSTEM32\DRIVERS\SWENUM.SYS
[8C8EB8C76736EBAF3B13B633B2E64125][6 31848 ]C:\WINDOWS\SYSTEM32\DRIVERS\SYM_HI.SYS
[8072AF52B5FD103BBBA387A1E49F62CB][6 34920 ]C:\WINDOWS\SYSTEM32\DRIVERS\SYM_U3.SYS
[192AA3AC01DF071B541094F251DEED10][6 35944 ]C:\WINDOWS\SYSTEM32\DRIVERS\SYMC8XX.SYS
[1239FD18895040D97B7CDBC19BC2075E][6 24576 ]C:\WINDOWS\SYSTEM32\DRIVERS\tape.sys
[27D470DABC77BC60D0A3B0E4DEB6CB91][1 905600 691FEBA49EF3438ABBF5DF81080032987CCB4C7C ]C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS
[608C345A255D82A6289C2D468EB41FD7][1 30720 ]C:\WINDOWS\SYSTEM32\DRIVERS\TCPIPREG.SYS
[77937EFF009AC696B90E09F671F9D0A4][6 20992 ]C:\WINDOWS\SYSTEM32\DRIVERS\TDI.SYS
[5DCF5E267BE67A1AE926F2DF77FBCC56][6 17920 ]C:\WINDOWS\SYSTEM32\DRIVERS\TDPIPE.SYS
[389C63E32B3CEFED425B61ED92D3F021][6 29184 ]C:\WINDOWS\SYSTEM32\DRIVERS\TDTCP.SYS
[76B06EB8A01FC8624D699E7045303E54][1 72192 ]C:\WINDOWS\SYSTEM32\DRIVERS\TDX.SYS
[3CAD38910468EAB9A6479E2F01DB43C7][1 53224 ]C:\WINDOWS\SYSTEM32\DRIVERS\TERMDD.SYS
[DCF0F056A2E4F52287264F5AB29CF206][6 23552 ]C:\WINDOWS\SYSTEM32\DRIVERS\TSSECSRV.SYS
[CAECC0120AC49E3D2F758B9169872D38][6 15360 ]C:\WINDOWS\SYSTEM32\DRIVERS\TUNMP.SYS
[300DB877AC094FEAB0BE7688C3454A9C][1 25088 ]C:\WINDOWS\SYSTEM32\DRIVERS\TUNNEL.SYS
[C3ADE15414120033A36C0F293D4A4121][6 56936 ]C:\WINDOWS\SYSTEM32\DRIVERS\UAGP35.SYS
[D9728AF68C4C7693CB100B8441CBDEC6][1 226816 ]C:\WINDOWS\SYSTEM32\DRIVERS\UDFS.SYS
[75E6890EBFCE0841D3291B02E7A8BDB0][6 58472 ]C:\WINDOWS\SYSTEM32\DRIVERS\ULIAGPKX.SYS
[3CD4EA35A6221B85DCC25DAA46313F8D][6 235112 ]C:\WINDOWS\SYSTEM32\DRIVERS\ULIAHCI.SYS
[8514D0E5CD0534467C5FC61BE94A569F][6 98408 ]C:\WINDOWS\SYSTEM32\DRIVERS\ULSATA.SYS
[38C3C6E62B157A6BC46594FADA45C62B][6 115816 ]C:\WINDOWS\SYSTEM32\DRIVERS\ULSATA2.SYS
[32CFF9F809AE9AED85464492BF3E32D2][6 34816 ]C:\WINDOWS\SYSTEM32\DRIVERS\UMBUS.SYS
[88BD96A1BAEED33EE8BDF9499C07A841][6 7680 ]C:\WINDOWS\SYSTEM32\DRIVERS\umpass.sys
[B95705278AF722B2D9C267C6BE811C81][1 12800 13DE65851E8D20CCD4F178AA1B3F9B0BBEEF01E4 ]C:\WINDOWS\SYSTEM32\DRIVERS\UnHackMeDrv.sys
[830D5D8456B822C1247C1E59B4C464FA][1 15872 ]C:\WINDOWS\SYSTEM32\DRIVERS\usb8023.sys
[D06F193F3E9CC3B356DF97F6A43C054A][1 25856 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBCAMD.sys
[EAE017D3AA298374A1967B96C379C5AB][1 25856 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBCAMD2.sys
[CAF811AE4C147FFCD5B51750C7F09142][6 73216 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBCCGP.SYS
[E9476E6C486E76BC4898074768FB7131][6 68608 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBCIR.SYS
[790FDAC6D0C762DF9047C3C625A6FF6C][6 5888 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBD.SYS
[79E96C23A97CE7B8F14D310DA2DB0C9B][1 39936 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBEHCI.SYS
[4673BBCB006AF60E7ABDDBE7A130BA42][1 196096 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBHUB.SYS
[38DBC7DD6CC5A72011F187425384388B][6 19456 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBOHCI.SYS
[A1C100A87D981AD0774FBC0B4B82E913][1 226304 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBPORT.SYS
[B51E52ACF758BE00EF3A58EA452FE360][6 18944 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBPRINT.SYS
[BE3DA31C191BC222D9AD503C5224F2AD][1 65536 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBSTOR.SYS
[814D653EFC4D48BE3B04A307ECEFF56F][6 23552 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBUHCI.SYS
[2E93AC0A1D8C79D019DB6C51F036636C][6 25088 ]C:\WINDOWS\SYSTEM32\DRIVERS\VGA.SYS
[87B06E1F30B749A114F74622D013F8D4][6 26112 ]C:\WINDOWS\SYSTEM32\DRIVERS\vgapnp.sys
[045D9961E591CF0674A920B6BA3BA5CB][6 54376 ]C:\WINDOWS\SYSTEM32\DRIVERS\VIAAGP.SYS
[56A4DE5F02F2E88182B0981119B4DD98][6 39424 ]C:\WINDOWS\SYSTEM32\DRIVERS\VIAC7.SYS
[58C8D5AC5C3EEF40E7E704A5CED7987D][1 17512 ]C:\WINDOWS\SYSTEM32\DRIVERS\VIAIDE.SYS
[C048D2C33D27441A0CDCAAE2651EB03D][6 110080 ]C:\WINDOWS\SYSTEM32\DRIVERS\VIDEOPRT.SYS
[69503668AC66C77C6CD7AF86FBDF8C43][6 52792 ]C:\WINDOWS\SYSTEM32\DRIVERS\VOLMGR.SYS
[23E41B834759917BFD6B9A0D625D0C28][1 292840 ]C:\WINDOWS\SYSTEM32\DRIVERS\VOLMGRX.SYS
[147281C01FCB1DF9252DE2A10D5E7093][1 226280 ]C:\WINDOWS\SYSTEM32\DRIVERS\VOLSNAP.SYS
[D984439746D42B30FC65A4C3546C6829][6 112232 ]C:\WINDOWS\SYSTEM32\DRIVERS\VSMRAID.SYS
[C466021D31FF6C0A6069D12299D80C0B][6 251904 ]C:\WINDOWS\SYSTEM32\DRIVERS\VSTBS23.SYS
[5C7BDCF5864DB00323FE2D90FA26A8A2][6 654336 ]C:\WINDOWS\SYSTEM32\DRIVERS\VSTCNXT3.SYS
[EC36F1D542ED4252390D446BF6D4DFD0][6 987648 ]C:\WINDOWS\SYSTEM32\DRIVERS\VSTDPV3.SYS
[48DFEE8F1AF7C8235D4E626F0C4FE031][6 20608 ]C:\WINDOWS\SYSTEM32\DRIVERS\WACOMPEN.SYS
[55201897378CCA7AF8B5EFD874374A26][6 62464 ]C:\WINDOWS\SYSTEM32\DRIVERS\WANARP.SYS
[4A5C31E2C1646034E6A60EBA4C747FF6][1 33280 ]C:\WINDOWS\SYSTEM32\DRIVERS\WATCHDOG.SYS
[AFC5AD65B991C1E205CF25CFDBF7A6F4][6 19560 ]C:\WINDOWS\SYSTEM32\DRIVERS\WD.SYS
[9950E3D0F08141C7E89E64456AE7DC73][1 445008 ]C:\WINDOWS\SYSTEM32\DRIVERS\WDF01000.SYS
[FE7A7675C26FE936226641EF32AE9BB5][1 38480 ]C:\WINDOWS\SYSTEM32\DRIVERS\WDFLDR.SYS
[676F4B665BDD8053EAA53AC1695B8074][1 31616 ]C:\WINDOWS\SYSTEM32\DRIVERS\WINUSB.SYS
[701A9F884A294327E9141D73746EE279][6 11264 ]C:\WINDOWS\SYSTEM32\DRIVERS\WMIACPI.SYS
[C546864EED786304762D030FEBF6B411][6 17976 ]C:\WINDOWS\SYSTEM32\DRIVERS\WMILIB.SYS
[E3A3CB253C0EC2494D4A61F5E43A389C][6 15872 ]C:\WINDOWS\SYSTEM32\DRIVERS\WS2IFSL.SYS
[13B5F255E90624A5BA0441D39CFB6BE2][6 51200 ]C:\WINDOWS\SYSTEM32\DRIVERS\WUDFPF.SYS
[AC13CB789D93412106B0FB6C7EB2BCB6][6 83328 ]C:\WINDOWS\SYSTEM32\DRIVERS\WUDFRD.SYS
[84B8827562B005C118CADBA0F25DB2C6][1 444416 ]C:\WINDOWS\SYSTEM32\DSOUND.DLL
[01DD1004181FD46ECDC3628228EB269D][1 81920 ]C:\WINDOWS\SYSTEM32\DWM.EXE
[C0B95E40D85CD807D614E264248A45B9][6 57344 ]C:\WINDOWS\SYSTEM32\EAPSVC.DLL
[4E6B23DFC917EA39306B529B773950F4][1 564224 ]C:\WINDOWS\SYSTEM32\EMDMGMT.DLL
[67058C46504BC12D821F38CF99B7B28F][1 268800 ]C:\WINDOWS\SYSTEM32\ES.DLL
[6629B5F0E98151F4AFDD87567EA32BA3][6 13312 ]C:\WINDOWS\SYSTEM32\FDPHOST.DLL
[89ED56DCE8E47AF40892778A5BD31FD2][6 27648 ]C:\WINDOWS\SYSTEM32\FDRESPUB.DLL
[8CE364388C8ECA59B14B539179276D44][1 797696 ]C:\WINDOWS\SYSTEM32\FNTCACHE.DLL
[7856E3B4594714EF89BB97375E8644EE][6 297472 ]C:\WINDOWS\SYSTEM32\GDI32.DLL
[CD5D0AEEE35DFD4E986A5AA1500A6E66][1 576512 ]C:\WINDOWS\SYSTEM32\GPSVC.DLL
[B8D52005181A15D7D1470CBF2AF214DD][1 177128 ]C:\WINDOWS\SYSTEM32\HAL.DLL
[A952D0DED445F26AEFCF593A935AB300][6 289792 ]C:\WINDOWS\SYSTEM32\HNETCFG.DLL
[3F337DD54339BEAF26917D3A0A32C1DE][1 81920 ]C:\WINDOWS\SYSTEM32\ICCVID.DLL
[B23137887833D849EDB4F03ED8124E71][1 9705984 ]C:\WINDOWS\SYSTEM32\IEFRAME.DLL
[9908D8A397B76CD8D31D0D383C5773C9][1 438784 ]C:\WINDOWS\SYSTEM32\IKEEXT.DLL
[DC2FE300B941D6330D7475C977C4C5E9][1 17408 ]C:\WINDOWS\SYSTEM32\IMAADP32.ACM
[C8BDCECEE082B54F0BAC838BF0A34597][1 114688 ]C:\WINDOWS\SYSTEM32\IMM32.DLL
[9AC218C6E6105477484C6FDBE7D409A4][6 74240 ]C:\WINDOWS\SYSTEM32\IPBUSENUM.DLL
[4FE8425F21B3F0F8C4B4726351D43EAA][1 91648 0D6B0BAB7B39C15D52052AF88B67C2242945DA8C ]C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL
[1998BD97F950680BB55F55A7244679C2][1 200704 ]C:\WINDOWS\SYSTEM32\IPHLPSVC.DLL
[E1499BD0FF76B1B2FBBF1AF339D91165][6 288256 ]C:\WINDOWS\SYSTEM32\IPNATHLP.DLL
[D0494460421A03CD5225CCA0059AA146][1 364032 ]C:\WINDOWS\SYSTEM32\IPSECSVC.DLL
[85466C0757A23D9A9AECDC0755203CB2][6 111616 ]C:\WINDOWS\SYSTEM32\ISCSIEXE.DLL
[A613A29FB640FB2E45DA418C396D186C][1 50176 ]C:\WINDOWS\SYSTEM32\IYUV_32.DLL
[48E083898FE5611006725796B055011B][1 17384 ]C:\WINDOWS\SYSTEM32\KDCOM.DLL
[AA01497884F9CBAC89470120AF78D2B1][1 499712 ]C:\WINDOWS\SYSTEM32\KERBEROS.DLL
[574B473FACAA0E91702B86578440B525][1 892416 ]C:\WINDOWS\SYSTEM32\KERNEL32.DLL
[D8AD255B37DA92434C26E4876DB7D418][6 68096 ]C:\WINDOWS\SYSTEM32\KMSVC.DLL
[919CC2A0476D5A6A4C935D4B88E29912][6 4608 ]C:\WINDOWS\SYSTEM32\KSUSER.DLL
[8A64A3F68F0E24917759852C842DCD74][1 62464 ]C:\WINDOWS\SYSTEM32\L3CODECA.ACM
[2D5A428872F1442631D0959A34ABFF63][6 188928 ]C:\WINDOWS\SYSTEM32\LLTDSVC.DLL
[35D40113E4A5B961B6CE5C5857702518][6 18944 ]C:\WINDOWS\SYSTEM32\LMHSVC.DLL
[5123F83CBC4349D065534EEB6BBDC42B][6 7680 ]C:\WINDOWS\SYSTEM32\LOCATOR.EXE
[EB0E02749CE5C488741C9A0ABEAB5DEC][1 23552 ]C:\WINDOWS\SYSTEM32\LPK.DLL
[A3E186B4B935905B829219502557314E][1 9728 ]C:\WINDOWS\SYSTEM32\LSASS.EXE
[521F1463E9733FD867E097727DD90177][2 261632 ]C:\WINDOWS\SYSTEM32\MCDVD_32.DLL
[5F61BE656699A41F4EBBE6169B6810CF][1 438744 ]C:\WINDOWS\SYSTEM32\MCUPDATE_GENUINEINTEL.DLL
[AEF9BABB8A506BC4CE0451A64AADED46][6 53760 ]C:\WINDOWS\SYSTEM32\MCX2SVC.DLL
[83199EF88D691E730B80666E29F90D58][1 17408 ]C:\WINDOWS\SYSTEM32\MIDIMAP.DLL
[1076FFCFFAAE8385FD62DFCB25AC4708][6 45056 ]C:\WINDOWS\SYSTEM32\MMCSS.DLL
[016BE824802F3869A7DA2F2B6329B563][2 413760 ]C:\WINDOWS\SYSTEM32\MPG4C32.DLL
[BCDD6B4804D06B1F7EBF29E53A57ECE9][6 68608 ]C:\WINDOWS\SYSTEM32\MPRDIM.DLL
[5DE62C6E9108F14F6794060A9BDECAEC][1 407552 ]C:\WINDOWS\SYSTEM32\MPSSVC.DLL
[166F004D73EA2CF4AC61800CA469458D][1 21504 ]C:\WINDOWS\SYSTEM32\MSACM32.DRV
[CE761566EADA0509F02E4AFDB09B62E4][1 17408 ]C:\WINDOWS\SYSTEM32\MSADP32.ACM
[FD7520CC3A80C5FC8C48852BB24C6DED][6 105984 ]C:\WINDOWS\SYSTEM32\MSDTC.EXE
[8078F8F8F7A79E2E6B494523A828C585][6 344576 ]C:\WINDOWS\SYSTEM32\MSDTCKRM.DLL
[4177EA05E1215EBE0405C18BFF463473][1 12288 ]C:\WINDOWS\SYSTEM32\MSG711.ACM
[13ACFD3F412CD31ACA8387911C80A9E2][1 23040 ]C:\WINDOWS\SYSTEM32\MSGSM32.ACM
[F82BF2CB075B49E9FAB5FF213C45C020][1 12281856 ]C:\WINDOWS\SYSTEM32\MSHTML.DLL
[C559672F31ABE6BA7277DD73C4502238][1 73216 ]C:\WINDOWS\SYSTEM32\MSIEXEC.EXE
[2EC53B5A351C4D443896DBAD117F7E82][6 4608 ]C:\WINDOWS\SYSTEM32\MSIMG32.DLL
[73AD972616D10FDF40E668FEA983BC78][1 13312 ]C:\WINDOWS\SYSTEM32\MSRLE32.DLL
[4ABCE74D012971305249E45E095E9EA6][1 218624 ]C:\WINDOWS\SYSTEM32\MSV1_0.DLL
[17AF64D727545F2804F6E6D998327E3F][1 680448 ]C:\WINDOWS\SYSTEM32\MSVCRT.DLL
[27281831FF4D6F5738A2F70E75E3DD40][1 31744 ]C:\WINDOWS\SYSTEM32\MSVIDC32.DLL
[8617350C9B590B63E620881092751BCB][1 223232 ]C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
[7E1BC7AA112F5ED12AB6E08E41CA6726][1 22528 ]C:\WINDOWS\SYSTEM32\MSYUV.DLL
[FC62A635063B762E1C3C60EA77279378][6 50176 ]C:\WINDOWS\SYSTEM32\NAPINSP.DLL
[C8052711DAECC48B982434C5116CA401][6 274432 ]C:\WINDOWS\SYSTEM32\NETMAN.DLL
[2EF3BBE22E5A5ACD1428EE387A0D0172][6 237056 ]C:\WINDOWS\SYSTEM32\NETPROFM.DLL
[D1A84F7D4CAFCFE2A32149FF418056E5][6 48128 ]C:\WINDOWS\SYSTEM32\NLAAPI.DLL
[2997B15415F9BBE05B5A4C1C85E0C6A2][6 168448 ]C:\WINDOWS\SYSTEM32\NLASVC.DLL
[DAF60E13E96ECB67F0EDAA89C6B01B8D][6 151040 ]C:\WINDOWS\SYSTEM32\NOTEPAD.EXE
[8BB86F0C7EEA2BDED6FE095D0B4CA9BD][6 18432 ]C:\WINDOWS\SYSTEM32\NSISVC.DLL
[DDA770BBD7C2ED024D6F50E279D90E5B][1 1205064 ]C:\WINDOWS\SYSTEM32\NTDLL.DLL
[CAD95AFB7FDDCC490681555C570FBB7D][1 3602816 6A51CE49C9079811101132042D6CA963B349E844 ]C:\WINDOWS\SYSTEM32\NTKRNLPA.EXE
[AE2DE8E165DCB93A66B21748E6F913DF][1 645440 67A574765B988B29FAE6B0E760410AA8D00A7C7B ]C:\WINDOWS\SYSTEM32\NVVSVC.EXE
[A944A73CEC5921B871542FE5CC5E03E4][1 88576 ]C:\WINDOWS\SYSTEM32\OLEPRO32.DLL
[0C8E8E61AD1EB0B250B846712C917506][1 644608 ]C:\WINDOWS\SYSTEM32\P2PSVC.DLL
[C6276AD11F4BB49B58AA1ED88537F14A][6 37888 ]C:\WINDOWS\SYSTEM32\PCASVC.DLL
[B1689DF169143F57053F795390C99DB3][6 1502208 ]C:\WINDOWS\SYSTEM32\PLA.DLL
[690D41DF1D555F96D4898A0F54EBA065][6 62464 ]C:\WINDOWS\SYSTEM32\PNRPNSP.DLL
[0508FAA222D28835310B7BFCA7A77346][1 153088 ]C:\WINDOWS\SYSTEM32\PROFSVC.DLL
[57418956DDAE128D1023C508E7D07071][1 50664 ]C:\WINDOWS\SYSTEM32\PSHED.DLL
[E4EAF0C5C1B41B5C83386CF212CA9584][1 302592 ]C:\WINDOWS\SYSTEM32\QAGENTRT.DLL
[93952506C6D67330367F7E7934B6A02F][1 758784 ]C:\WINDOWS\SYSTEM32\QMGR.DLL
[E9ECAE663F47E6CB43962D18AB18890F][6 243712 ]C:\WINDOWS\SYSTEM32\QWAVE.DLL
[A7D525E5C0D91C8C1D84C6BCD25AD77D][6 10240 ]C:\WINDOWS\SYSTEM32\RASADHLP.DLL
[3CB863B78642405371CB3A71C07E2382][1 286720 4B47F927F312F181766B2A3007A489932AA6BAC6 ]C:\WINDOWS\SYSTEM32\RASAPI32.DLL
[F6A452EB4CEADBB51C9E0EE6B3ECEF0F][6 90624 ]C:\WINDOWS\SYSTEM32\RASAUTO.DLL
[75D47445D70CA6F9F894B032FBC64FCF][1 262144 ]C:\WINDOWS\SYSTEM32\RASMANS.DLL
[9E6894EA18DAFF37B63E1005F83AE4AB][1 107008 ]C:\WINDOWS\SYSTEM32\REGSVC.DLL
[3B5B4D53FEC14F7476CA29A20CC31AC9][1 550400 ]C:\WINDOWS\SYSTEM32\RPCSS.DLL
[4B555106290BD117334E9A08761C035A][6 44544 ]C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
[77B7A11A0C3D78D3386398FBBEA1B632][1 95232 ]C:\WINDOWS\SYSTEM32\SCARDSVR.DLL
[8FC182167381E9915651267044105EE1][1 177152 ]C:\WINDOWS\SYSTEM32\SCECLI.DLL
[DC4B2F21968AC6E7E6C8A4417ED0D85C][2 13239 ]C:\WINDOWS\SYSTEM32\SCG726.ACM
[DA61F5C012A646771587A8CB9C0AE590][1 278528 ]C:\WINDOWS\SYSTEM32\SCHANNEL.DLL
[1A58069DB21D05EB2AB58EE5753EBE8D][1 601600 ]C:\WINDOWS\SYSTEM32\SCHEDSVC.DLL
[716313D9F6B0529D03F726D5AAF6F191][6 104960 ]C:\WINDOWS\SYSTEM32\SDRSVC.DLL
[C9EE7FF225EAC1CB9C78C413667CDB80][1 87552 ]C:\WINDOWS\SYSTEM32\SEARCHFILTERHOST.EXE
[AED0DFF80C6B3914769407E78D7AB21A][1 441344 ]C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE
[FD5199D4D8A521005E4B5EE7FE00FA9B][6 19968 ]C:\WINDOWS\SYSTEM32\SECLOGON.DLL
[A9BBAB5759771E523F55563D6CBE140F][6 47104 ]C:\WINDOWS\SYSTEM32\SENS.DLL
[D2193326F729B163125610DBF3E17D57][6 84992 ]C:\WINDOWS\SYSTEM32\SESSENV.DLL
[33AE914C24F546AABF281BA7B138186D][1 11586048 ]C:\WINDOWS\SYSTEM32\SHELL32.DLL
[C7230FBEE14437716701C15BE02C27B8][1 247808 ]C:\WINDOWS\SYSTEM32\SHSVCS.DLL
[862BB4CBC05D80C5B45BE430E5EF872F][1 3408896 ]C:\WINDOWS\SYSTEM32\SLSVC.EXE
[6EDC422215CD78AA8A9CDE6B30ABBD35][1 60928 ]C:\WINDOWS\SYSTEM32\SLUINOTIFY.DLL
[2A146A055B4401C16EE62D18B8E2A032][6 12800 ]C:\WINDOWS\SYSTEM32\SNMPTRAP.EXE
[8554097E5136C3BF9F69FE578A1B35F4][1 128000 ]C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
[1BF5EEBFD518DD7298434D8C862F825D][1 125952 ]C:\WINDOWS\SYSTEM32\SRVSVC.DLL
[03D50B37234967433A5EA5BA72BC0B62][6 155648 ]C:\WINDOWS\SYSTEM32\SSDPSRV.DLL
[6F1A32E7B7B30F004D9A20AFADB14944][6 116736 ]C:\WINDOWS\SYSTEM32\SSTPSVC.DLL
[B218068EBA6F46F102B4218BDB81BE0B][1 94208 ]C:\WINDOWS\SYSTEM32\STACSV.EXE
[3794B461C45882E06856F282EEF025AF][6 21504 ]C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[F21FD248040681CCA1FB6C9A03AAA93D][1 311808 ]C:\WINDOWS\SYSTEM32\SWPRV.DLL
[D4091231E5B052F5B6D0D8F49745B088][1 242688 ]C:\WINDOWS\SYSTEM32\SYSDM.CPL
[9A51B04E9886AA4EE90093586B0BA88D][1 558080 ]C:\WINDOWS\SYSTEM32\SYSMAIN.DLL
[2DCA225EAE15F42C0933E998EE0231C3][6 68096 ]C:\WINDOWS\SYSTEM32\TABSVC.DLL
[D7673E4B38CE21EE54C59EEEB65E2483][1 242688 ]C:\WINDOWS\SYSTEM32\TAPISRV.DLL
[3D50C4B10352367D5CB20ED1F50F8DA2][1 171520 ]C:\WINDOWS\SYSTEM32\TASKENG.EXE
[EF8AE178FAE3C5F97E383753EB1DF3BA][6 163840 ]C:\WINDOWS\SYSTEM32\TASKMGR.EXE
[CB05822CD9CC6C688168E113C603DBE7][6 56320 ]C:\WINDOWS\SYSTEM32\TBSSVC.DLL
[BB95DA09BEF6E7A131BFF3BA5032090D][1 449024 ]C:\WINDOWS\SYSTEM32\TERMSRV.DLL
[EC74E77D0EB004BD3A809B5F8FB8C2CE][6 75264 ]C:\WINDOWS\SYSTEM32\TRKWKS.DLL
[BC35B4551D705D1B931A3362B2B93CCD][1 12288 ]C:\WINDOWS\SYSTEM32\TSBYUV.DLL
[CC21507D246861671A0BF97E75CE1B00][6 14336 ]C:\WINDOWS\SYSTEM32\TSDDD.DLL
[F8873D15018F411588BEC02C1725BADA][6 62464 ]C:\WINDOWS\SYSTEM32\TSPKG.DLL
[ECEF404F62863755951E09C802C94AD5][6 35840 ]C:\WINDOWS\SYSTEM32\UI0DETECT.EXE
[C5E7F8A996EC0A82D508FD9064A5569E][1 222720 ]C:\WINDOWS\SYSTEM32\UMPNPMGR.DLL
[57CF7F07E92195E84AB41B2F96FF627F][1 310784 ]C:\WINDOWS\SYSTEM32\UNREGMP2.EXE
[68308183F4AE0BE7BF8ECD07CB297999][6 259072 ]C:\WINDOWS\SYSTEM32\UPNPHOST.DLL
[75510147B94598407666F4802797C75A][1 627712 ]C:\WINDOWS\SYSTEM32\USER32.DLL
[0E135526E9785D085BCD9AEDE6FBCBF9][6 25088 ]C:\WINDOWS\SYSTEM32\USERINIT.EXE
[1509E705F3AC1D474C92454A5C2DD81F][1 29184 ]C:\WINDOWS\SYSTEM32\UXSMS.DLL
[999D69DEB576C2C424294DF025891CC6][6 240128 ]C:\WINDOWS\SYSTEM32\UXTHEME.DLL
[83A083A42F97BCF3F8E016820178DDE2][2 82944 ]C:\WINDOWS\SYSTEM32\VCT3216.ACM
[CD88D1B7776DC17A119049742EC07EB4][1 385536 ]C:\WINDOWS\SYSTEM32\VDS.EXE
[DB3D19F850C6EB32BDCB9BC0836ACDDB][1 1055232 ]C:\WINDOWS\SYSTEM32\VSSVC.EXE
[96EA68B9EB310A69C25EBB0282B2B9DE][1 282624 ]C:\WINDOWS\SYSTEM32\W32TIME.DLL
[43BE3875207DCB62A85C8C49970B66CC][1 137728 ]C:\WINDOWS\SYSTEM32\WBEM\WMIAPSRV.EXE
[6B2A1D0E80110E3D04E6863C6E62FD8A][1 162304 ]C:\WINDOWS\SYSTEM32\WBEM\WMISVC.DLL
[A3CD60FD826381B49F03832590E069AF][1 413696 ]C:\WINDOWS\SYSTEM32\WCNCSVC.DLL
[11BCB7AFCDD7AADACB5746F544D3A9C7][6 32256 ]C:\WINDOWS\SYSTEM32\WCSPLUGINSERVICE.DLL
[ABFC76B48BB6C96E3338D8943C5D93B5][6 73728 ]C:\WINDOWS\SYSTEM32\WDI.DLL
[93620229F3CC3B67A3528BF39F064C30][1 175104 ]C:\WINDOWS\SYSTEM32\WDIGEST.DLL
[4DF066ECEE5A7B20BF8B39EF4D646600][1 167424 ]C:\WINDOWS\SYSTEM32\WDMAUD.DRV
[5193DE33F3284C447E0D31DAFBF92570][1 203776 ]C:\WINDOWS\SYSTEM32\WEBCHECK.DLL
[04C37D8107320312FBAE09926103D5E2][1 199680 ]C:\WINDOWS\SYSTEM32\WEBCLNT.DLL
[AE3736E7E8892241C23E4EBBB7453B60][1 146944 ]C:\WINDOWS\SYSTEM32\WECSVC.DLL
[670FF720071ED741206D69BD995EA453][6 62976 ]C:\WINDOWS\SYSTEM32\WERCPLSUPPORT.DLL
[32B88481D3B326DA6DEB07B1D03481E7][1 126976 ]C:\WINDOWS\SYSTEM32\WERSVC.DLL
[5DE7D67E49B88F5F07F3E53C4B92A352][1 453120 ]C:\WINDOWS\SYSTEM32\WIASERVC.DLL
[98BB495043BD5E98B2E8D2B8239390ED][1 2044928 78A365231F75DECFA78B6E3FA66DE9E0BE0E5AF4 ]C:\WINDOWS\SYSTEM32\WIN32K.SYS
[DBD02E3E6F061EBBBF9B99A9D7CBA30B][1 377344 ]C:\WINDOWS\SYSTEM32\WINHTTP.DLL
[898E7C06A350D4A1A64A9EA264D55452][1 314368 ]C:\WINDOWS\SYSTEM32\WINLOGON.EXE
[C411C80F90D6732380352B98B37BBD53][1 19968 ]C:\WINDOWS\SYSTEM32\WINRNR.DLL
[1DB69705B695B987082C8BAEC0C6B34F][1 160256 ]C:\WINDOWS\SYSTEM32\WKSSVC.DLL
[C008405E4FEEB069E30DA1D823910234][1 513536 ]C:\WINDOWS\SYSTEM32\WLANSVC.DLL
[CFC5A04558F5070CEE3E3A7809F3FF52][1 140288 ]C:\WINDOWS\SYSTEM32\WPCSVC.DLL
[801FBDB89D472B3C467EB112A0FC9246][1 81920 ]C:\WINDOWS\SYSTEM32\WPDBUSENUM.DLL
[17C0671BF57057108A6D949510EE42C8][6 4608 ]C:\WINDOWS\SYSTEM32\WS2HELP.DLL
[1CA6C40261DDC0425987980D0CD2AAAB][1 61440 ]C:\WINDOWS\SYSTEM32\WSCSVC.DLL
[7CFE68BDC065E55AA5E8421607037511][1 1181696 ]C:\WINDOWS\SYSTEM32\WSMSVC.DLL
[6298277B73C77FA99106B271A7525163][1 1929952 ]C:\WINDOWS\SYSTEM32\WUAUENG.DLL
[575A4190D989F64732119E4114045A4F][6 55296 ]C:\WINDOWS\SYSTEM32\WUDFSVC.DLL
[E8F602CA1E700496240CF07D9681D040][2 139264 ]C:\WINDOWS\SYSTEM32\XVIDVFW.DLL
===
[MBR]
[MD5=8DFCB9866793F2141D041DC2251C69AB]
===


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

OTL 10:11 pm 6/7/12 Again nothing titled Extras.txt popped up after the scan.


OTL logfile created on: 6/7/2012 10:19:22 PM - Run 3
OTL by OldTimer - Version 3.2.44.0 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.40 Gb Available Physical Memory | 46.61% Memory free
6.22 Gb Paging File | 4.36 Gb Available in Paging File | 70.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 450.71 Gb Total Space | 240.74 Gb Free Space | 53.41% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 4.74 Gb Free Space | 31.63% Space Free | Partition Type: NTFS
Drive G: | 3.74 Gb Total Space | 3.46 Gb Free Space | 92.54% Space Free | Partition Type: FAT32

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/31 00:15:52 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2012/05/04 13:17:40 | 000,595,216 | ---- | M] (Greatis Software) -- C:\Program Files\UnHackMe\hackmon.exe
PRC - [2012/05/04 09:34:11 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/02/29 18:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/02/29 15:58:46 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012/02/29 15:58:36 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012/02/29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:56 | 000,493,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcfgex.exe
PRC - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/01/17 19:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 19:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/06/30 16:46:44 | 000,146,032 | ---- | M] (Portrait Displays Inc.) -- C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
PRC - [2010/06/30 16:46:32 | 000,121,456 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2010/06/30 16:46:30 | 001,264,240 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files\Acer Display\eDisplay Management\dthtml.exe
PRC - [2010/05/13 16:34:48 | 000,711,792 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Pro Plugin\Floater.exe
PRC - [2010/05/13 16:34:42 | 000,674,928 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
PRC - [2010/04/16 15:34:34 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009/04/11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/09/12 03:40:46 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
PRC - [2007/09/12 03:40:44 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\System32\stacsv.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/09 03:39:05 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
MOD - [2012/05/09 03:37:49 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef684a2ee2f7276eec3973a0654d2bd4\System.Web.ni.dll
MOD - [2012/05/09 03:37:43 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012/05/09 03:34:07 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/05/09 03:33:54 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4d54640bacd18e047a4573cb4611bd3\System.Windows.Forms.ni.dll
MOD - [2012/05/09 03:33:44 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5d8696f15e49aedf883dd945806a7049\System.Drawing.ni.dll
MOD - [2012/05/09 03:32:30 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/05/09 03:32:14 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012/05/04 09:34:10 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/02/29 13:26:28 | 000,360,768 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2012/02/12 21:33:04 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2012/02/05 20:23:37 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011/07/28 18:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/01/21 16:44:13 | 001,675,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2861.39845__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2011/01/21 16:44:13 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2861.40070__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2011/01/21 16:44:13 | 000,245,760 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2861.39803__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2011/01/21 16:44:13 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2861.39858__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2011/01/21 16:44:13 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2861.40076__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2011/01/21 16:44:13 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.2861.40095__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.dll
MOD - [2011/01/21 16:44:13 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2861.39817__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2011/01/21 16:44:13 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2861.39837__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2011/01/21 16:44:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2861.39824__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2011/01/21 16:44:13 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.2861.40095__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2011/01/21 16:44:13 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.2861.40094__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2011/01/21 16:44:13 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.2861.40094__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2011/01/21 16:44:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2861.39825__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2011/01/21 16:44:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2861.39865__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2011/01/21 16:44:12 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2861.40018__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2011/01/21 16:44:11 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2820.26372__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2820.26370__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2011/01/21 16:44:11 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2011/01/21 16:44:11 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2820.26369__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2011/01/21 16:44:11 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2820.26409__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2011/01/21 16:44:11 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2820.26370__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2820.26382__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2820.26375__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2820.26371__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2820.26371__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2820.26371__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2820.26375__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2820.26381__90ba9c70f846762e\DEM.OS.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2820.26382__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2820.26383__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2820.26382__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2820.26385__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2820.26376__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2820.26386__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2011/01/21 16:44:10 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2820.26387__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2011/01/21 16:44:10 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2820.26396__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2011/01/21 16:44:10 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2820.26383__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2011/01/21 16:44:09 | 000,471,040 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2861.39832__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2011/01/21 16:44:09 | 000,458,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2861.40053__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2011/01/21 16:44:09 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2861.40061__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2011/01/21 16:44:09 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2861.39795__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2011/01/21 16:44:09 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2861.40060__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2011/01/21 16:44:09 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2011/01/21 16:44:09 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2011/01/21 16:44:09 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2861.40086__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2011/01/21 16:44:09 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2011/01/21 16:44:09 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2820.26394__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2011/01/21 16:44:09 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2820.26370__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2011/01/21 16:44:09 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2011/01/21 16:44:09 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2820.26376__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2011/01/21 16:44:09 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2820.26375__90ba9c70f846762e\APM.Foundation.dll
MOD - [2011/01/21 16:44:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2011/01/21 16:44:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2820.26372__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2011/01/21 16:44:09 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2861.40096__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2011/01/21 16:44:09 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2861.39795__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2011/01/21 16:44:08 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2861.39811__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2011/01/21 16:44:08 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2861.39795__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2011/01/21 16:44:08 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2011/01/21 16:44:08 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2861.40061__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2011/01/21 16:44:08 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2011/01/21 16:44:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2820.26376__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2011/01/21 16:44:07 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2861.39793__90ba9c70f846762e\APM.Server.dll
MOD - [2011/01/21 16:44:06 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2861.39794__90ba9c70f846762e\AEM.Server.dll
MOD - [2010/06/30 16:46:42 | 000,236,144 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\DThook.dll
MOD - [2010/06/30 16:46:26 | 000,084,592 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Plugins\CC\gui.dll
MOD - [2010/06/30 16:37:38 | 000,172,032 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\PresetsCOM.dll
MOD - [2010/05/13 16:34:48 | 000,711,792 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Pro Plugin\Floater.exe
MOD - [2010/05/13 16:34:42 | 000,674,928 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
MOD - [2007/03/02 11:44:34 | 000,073,728 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/05/04 09:34:11 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/03 06:42:45 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/02/29 18:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/02/29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/06/30 16:46:32 | 000,121,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2010/04/16 15:34:34 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/03/29 22:42:16 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/18 12:38:44 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/01/19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/19 00:34:54 | 000,068,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess)
SRV - [2008/01/19 00:34:46 | 000,053,760 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc)
SRV - [2007/09/12 03:40:44 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\ComboFix\mbr.sys -- (mbr)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Running] -- C:\Users\Owner\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Owner\AppData\Local\Temp\aswMBR.sys -- (aswMBR)
DRV - [2012/05/30 20:56:46 | 000,035,816 | ---- | M] (Greatis Software) [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\Partizan.sys -- (Partizan)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/03/19 05:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/02/29 18:59:00 | 010,819,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012/02/22 05:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012/01/17 07:45:56 | 000,148,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2011/10/11 18:36:12 | 000,135,296 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RzSynapse.sys -- (RzSynapse)
DRV - [2010/04/16 15:34:10 | 000,017,136 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PdiPorts.sys -- (PdiPorts)
DRV - [2009/04/10 22:42:54 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/04/10 22:14:00 | 000,226,816 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2008/01/18 22:49:20 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/01/18 22:49:18 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse)
DRV - [2007/11/02 00:20:12 | 003,170,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/09/12 03:44:34 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2007/05/06 18:12:02 | 000,326,656 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/02/21 14:49:48 | 000,015,464 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdide.sys -- (amdide)
DRV - [2007/02/21 14:49:47 | 000,023,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msahci.sys -- (msahci)
DRV - [2007/02/21 14:49:47 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viaide.sys -- (viaide)
DRV - [2007/02/21 14:49:47 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide)
DRV - [2007/02/21 14:49:47 | 000,014,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\intelide.sys -- (intelide)
DRV - [2007/02/21 14:49:47 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\aliide.sys -- (aliide)
DRV - [2007/01/06 00:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor)
DRV - [2007/01/06 00:59:34 | 000,086,096 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid) NVIDIA nForce™
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV)
DRV - [2006/11/02 04:51:12 | 000,167,528 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\pcmcia.sys -- (pcmcia)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\isapnp.sys -- (isapnp)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,080,488 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,078,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\mpio.sys -- (mpio)
DRV - [2006/11/02 04:50:16 | 000,076,392 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 04:49:49 | 000,027,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\i2omp.sys -- (i2omp)
DRV - [2006/11/02 04:49:38 | 000,019,560 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wd.sys -- (Wd)
DRV - [2006/11/02 04:49:32 | 000,018,280 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\compbatt.sys -- (Compbatt)
DRV - [2006/11/02 04:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbprint.sys -- (usbprint)
DRV - [2006/11/02 04:03:00 | 000,242,688 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2006/11/02 03:55:23 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM)
DRV - [2006/11/02 03:55:22 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth)
DRV - [2006/11/02 03:55:09 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV - [2006/11/02 03:55:08 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\circlass.sys -- (circlass)
DRV - [2006/11/02 03:55:05 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbohci.sys -- (usbohci)
DRV - [2006/11/02 03:55:01 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidir.sys -- (HidIr)
DRV - [2006/11/02 03:52:52 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen)
DRV - [2006/11/02 03:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sfloppy.sys -- (sfloppy)
DRV - [2006/11/02 03:51:38 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk)
DRV - [2006/11/02 03:51:33 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\fdc.sys -- (fdc)
DRV - [2006/11/02 03:51:32 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\flpydisk.sys -- (flpydisk)
DRV - [2006/11/02 03:51:30 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\parport.sys -- (Parport)
DRV - [2006/11/02 03:42:03 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV - [2006/11/02 03:35:03 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2006/11/02 03:30:19 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7)
DRV - [2006/11/02 03:30:18 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8)
DRV - [2006/11/02 03:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe)
DRV - [2006/11/02 03:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7)
DRV - [2006/11/02 03:30:18 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\processr.sys -- (Processor)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:41:53 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7B 40 5D C6 BA 42 CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "http://www.facebook....riwestern.edu/"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/05/29 10:00:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/03/31 21:30:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/05/09 10:49:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/04 09:34:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/12 03:27:42 | 000,000,000 | ---D | M]

[2012/02/05 20:13:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions
[2012/06/05 15:36:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\9ofhl484.default\extensions
[2012/05/22 22:13:15 | 000,000,000 | ---D | M] (DoNotTrackPlus) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\9ofhl484.default\extensions\[email protected]
[2012/02/17 14:06:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/06/05 15:36:17 | 000,525,079 | ---- | M] () (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9OFHL484.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2012/05/22 22:13:15 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9OFHL484.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/05/22 22:13:12 | 000,118,971 | ---- | M] () (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9OFHL484.DEFAULT\EXTENSIONS\[email protected]
[2012/05/04 09:34:11 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/01/29 08:36:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/29 08:36:35 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Owner\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AVG Safe Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\
CHR - Extension: AVG Do Not Track = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DT ACR] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PivotSoftware] C:\Program Files\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe ()
O4 - HKLM..\Run: [Razer Anansi Driver] C:\Program Files\Razer\Anansi\RazerAnansiSysTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O4 - HKLM..\RunOnceEx: [Title] UnHackMe Rootkit Check File not found
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.3.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D38FC0F2-8E84-40B6-8A2E-CC5EA5127C67}: DhcpNameServer = 192.168.3.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Owner\Desktop\backgrounds\dethklok_5_wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Owner\Desktop\backgrounds\dethklok_5_wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O34 - HKLM BootExecute: (Partizan)
O34 - HKLM BootExecute: (x\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9})
O34 - HKLM BootExecute: (漀瀀)
O34 - HKLM BootExecute: (䀀猀栀攀氀氀㌀㈀⸀搀氀氀Ⰰⴀ㈀㄀)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/07 20:46:47 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/06/07 20:45:50 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/06/04 16:01:51 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\temp
[2012/06/04 15:50:05 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/06/04 15:50:05 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/06/04 15:50:05 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/06/04 15:49:54 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/06/04 15:49:50 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/06/04 14:19:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\tdsskiller(2)
[2012/06/04 14:12:25 | 004,539,477 | R--- | C] (Swearware) -- C:\Users\Owner\Desktop\ComboFix.exe
[2012/06/04 14:11:41 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Owner\Desktop\aswMBR.exe
[2012/05/31 13:42:22 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012/05/31 13:42:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/05/31 00:15:50 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/05/30 21:09:24 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\Owner\Desktop\HiJackThis.exe
[2012/05/30 20:56:46 | 000,039,184 | ---- | C] (Greatis Software) -- C:\Windows\System32\Partizan.exe
[2012/05/30 20:56:46 | 000,035,816 | ---- | C] (Greatis Software) -- C:\Windows\System32\drivers\Partizan.sys
[2012/05/30 20:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\RegRun
[2012/05/30 20:56:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\RegRun2
[2012/05/30 20:56:27 | 000,012,800 | ---- | C] (Greatis Software, LLC.) -- C:\Windows\System32\drivers\UnHackMeDrv.sys
[2012/05/30 20:56:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
[2012/05/30 20:56:27 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\regruninfo
[2012/05/30 20:56:24 | 000,000,000 | ---D | C] -- C:\Program Files\UnHackMe
[2012/05/29 10:00:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/05/22 23:10:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/05/22 23:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/05/09 10:48:31 | 000,000,000 | ---D | C] -- C:\$AVG
[2012/05/09 10:48:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\AVG2012
[2012/05/09 10:47:54 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012/05/09 01:42:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\New Folder

========== Files - Modified Within 30 Days ==========

[2012/06/07 22:15:57 | 000,000,512 | ---- | M] () -- C:\Users\Owner\Desktop\MBR.dat
[2012/06/07 22:07:30 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/07 22:07:30 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/07 21:33:02 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2145506375-2984372104-633398988-1000UA.job
[2012/06/07 20:49:31 | 000,002,523 | ---- | M] () -- C:\Users\Owner\Desktop\HiJackThis.lnk
[2012/06/07 20:35:11 | 004,539,477 | R--- | M] (Swearware) -- C:\Users\Owner\Desktop\ComboFix.exe
[2012/06/07 18:30:33 | 100,013,892 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/06/07 17:21:16 | 000,229,837 | ---- | M] () -- C:\Users\Owner\Desktop\Flathead Catfish 77_7001-thumb-405x640-10532.jpg
[2012/06/07 15:33:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2145506375-2984372104-633398988-1000Core.job
[2012/06/07 00:14:54 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/07 00:14:54 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/07 00:07:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/06 22:35:50 | 000,169,821 | ---- | M] () -- C:\Users\Owner\Desktop\prof66.jpg
[2012/06/06 21:45:27 | 000,125,522 | ---- | M] () -- C:\Users\Owner\Desktop\ys.jpg
[2012/06/06 21:35:30 | 000,118,929 | ---- | M] () -- C:\Users\Owner\Desktop\dreamindemon.jpg
[2012/06/04 20:35:40 | 000,069,729 | ---- | M] () -- C:\Users\Owner\Documents\comp1g2gie.jpg
[2012/06/04 14:12:19 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Owner\Desktop\aswMBR.exe
[2012/05/31 18:32:11 | 000,491,395 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/05/31 13:34:15 | 001,402,880 | ---- | M] () -- C:\Users\Owner\Desktop\HijackThis.msi
[2012/05/31 00:15:52 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/05/30 21:09:25 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\Owner\Desktop\HiJackThis.exe
[2012/05/30 20:56:46 | 000,039,184 | ---- | M] (Greatis Software) -- C:\Windows\System32\Partizan.exe
[2012/05/30 20:56:46 | 000,035,816 | ---- | M] (Greatis Software) -- C:\Windows\System32\drivers\Partizan.sys
[2012/05/30 20:56:31 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/05/30 20:56:31 | 000,001,688 | ---- | M] () -- C:\Windows\System32\autoexec.nt
[2012/05/30 20:56:31 | 000,000,002 | RHS- | M] () -- C:\Windows\winstart.bat
[2012/05/30 20:56:28 | 000,000,752 | ---- | M] () -- C:\Users\Owner\Desktop\UnHackMe.lnk
[2012/05/30 20:56:00 | 011,891,666 | ---- | M] () -- C:\Users\Owner\Desktop\unhackme.zip
[2012/05/29 10:00:56 | 000,000,842 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/05/26 20:21:10 | 000,830,270 | ---- | M] () -- C:\Users\Owner\Desktop\sade_120_days_pdf.zip
[2012/05/23 23:35:33 | 000,002,042 | ---- | M] () -- C:\Users\Owner\Desktop\Google Chrome.lnk
[2012/05/23 23:35:33 | 000,002,004 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/05/23 21:09:21 | 000,238,914 | ---- | M] () -- C:\Users\Owner\Documents\wbccollage.jpg
[2012/05/22 23:17:17 | 000,013,892 | ---- | M] () -- C:\Users\Owner\Documents\cc_20120522_231707.reg
[2012/05/22 23:16:46 | 000,094,248 | ---- | M] () -- C:\Users\Owner\Documents\cc_20120522_231630.reg
[2012/05/22 23:10:55 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/05/22 22:10:51 | 000,357,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/05/20 20:31:52 | 000,088,194 | ---- | M] () -- C:\Users\Owner\Desktop\rof.jpg
[2012/05/19 20:12:54 | 000,018,957 | ---- | M] () -- C:\Users\Owner\Desktop\metal.jpg
[2012/05/15 02:16:08 | 000,040,130 | ---- | M] () -- C:\Users\Owner\Desktop\225.jpg
[2012/05/14 22:31:01 | 000,042,200 | ---- | M] () -- C:\Users\Owner\Desktop\540372_143668185766692_100003705349347_174945_1648790776_n.jpg
[2012/05/14 17:04:18 | 000,087,130 | ---- | M] () -- C:\Users\Owner\Desktop\_c864077_image_0.jpg
[2012/05/13 20:37:26 | 000,819,046 | ---- | M] () -- C:\Users\Owner\Desktop\Flames.jpg
[2012/05/13 13:47:20 | 000,026,899 | ---- | M] () -- C:\Users\Owner\Desktop\baphomet.jpg
[2012/05/13 13:46:54 | 000,223,500 | ---- | M] () -- C:\Users\Owner\Desktop\Satan.png
[2012/05/13 13:46:19 | 000,043,192 | ---- | M] () -- C:\Users\Owner\Desktop\satanskull.jpg
[2012/05/13 13:45:26 | 000,369,059 | ---- | M] () -- C:\Users\Owner\Desktop\graveyard-of-[bleep]-satanic.jpg
[2012/05/13 13:32:52 | 000,033,520 | ---- | M] () -- C:\Users\Owner\Desktop\review_lod_3.jpg
[2012/05/13 13:32:45 | 000,064,651 | ---- | M] () -- C:\Users\Owner\Desktop\review_lod_1.jpg
[2012/05/13 13:32:33 | 000,038,955 | ---- | M] () -- C:\Users\Owner\Desktop\review_lod_10.jpg
[2012/05/13 13:19:18 | 000,153,748 | ---- | M] () -- C:\Users\Owner\Desktop\devil-1600x1200.jpg

========== Files Created - No Company Name ==========

[2012/06/07 17:21:15 | 000,229,837 | ---- | C] () -- C:\Users\Owner\Desktop\Flathead Catfish 77_7001-thumb-405x640-10532.jpg
[2012/06/06 22:35:49 | 000,169,821 | ---- | C] () -- C:\Users\Owner\Desktop\prof66.jpg
[2012/06/06 21:45:27 | 000,125,522 | ---- | C] () -- C:\Users\Owner\Desktop\ys.jpg
[2012/06/06 21:35:30 | 000,118,929 | ---- | C] () -- C:\Users\Owner\Desktop\dreamindemon.jpg
[2012/06/04 20:35:40 | 000,069,729 | ---- | C] () -- C:\Users\Owner\Documents\comp1g2gie.jpg
[2012/06/04 15:50:05 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/06/04 15:50:05 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/06/04 15:50:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/06/04 15:50:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/06/04 15:50:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/06/04 14:56:52 | 000,000,512 | ---- | C] () -- C:\Users\Owner\Desktop\MBR.dat
[2012/05/31 13:42:22 | 000,002,523 | ---- | C] () -- C:\Users\Owner\Desktop\HiJackThis.lnk
[2012/05/31 13:34:08 | 001,402,880 | ---- | C] () -- C:\Users\Owner\Desktop\HijackThis.msi
[2012/05/30 20:56:31 | 000,000,002 | RHS- | C] () -- C:\Windows\winstart.bat
[2012/05/30 20:56:28 | 000,000,752 | ---- | C] () -- C:\Users\Owner\Desktop\UnHackMe.lnk
[2012/05/30 20:54:51 | 011,891,666 | ---- | C] () -- C:\Users\Owner\Desktop\unhackme.zip
[2012/05/26 20:21:04 | 000,830,270 | ---- | C] () -- C:\Users\Owner\Desktop\sade_120_days_pdf.zip
[2012/05/23 21:09:21 | 000,238,914 | ---- | C] () -- C:\Users\Owner\Documents\wbccollage.jpg
[2012/05/22 23:17:11 | 000,013,892 | ---- | C] () -- C:\Users\Owner\Documents\cc_20120522_231707.reg
[2012/05/22 23:16:35 | 000,094,248 | ---- | C] () -- C:\Users\Owner\Documents\cc_20120522_231630.reg
[2012/05/22 23:10:55 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/05/20 20:31:52 | 000,088,194 | ---- | C] () -- C:\Users\Owner\Desktop\rof.jpg
[2012/05/19 20:12:54 | 000,018,957 | ---- | C] () -- C:\Users\Owner\Desktop\metal.jpg
[2012/05/14 22:56:41 | 000,040,130 | ---- | C] () -- C:\Users\Owner\Desktop\225.jpg
[2012/05/14 22:29:36 | 000,042,200 | ---- | C] () -- C:\Users\Owner\Desktop\540372_143668185766692_100003705349347_174945_1648790776_n.jpg
[2012/05/14 17:04:17 | 000,087,130 | ---- | C] () -- C:\Users\Owner\Desktop\_c864077_image_0.jpg
[2012/05/13 20:37:25 | 000,819,046 | ---- | C] () -- C:\Users\Owner\Desktop\Flames.jpg
[2012/05/13 13:47:19 | 000,026,899 | ---- | C] () -- C:\Users\Owner\Desktop\baphomet.jpg
[2012/05/13 13:46:53 | 000,223,500 | ---- | C] () -- C:\Users\Owner\Desktop\Satan.png
[2012/05/13 13:46:19 | 000,043,192 | ---- | C] () -- C:\Users\Owner\Desktop\satanskull.jpg
[2012/05/13 13:45:25 | 000,369,059 | ---- | C] () -- C:\Users\Owner\Desktop\graveyard-of-[bleep]-satanic.jpg
[2012/05/13 13:32:51 | 000,033,520 | ---- | C] () -- C:\Users\Owner\Desktop\review_lod_3.jpg
[2012/05/13 13:32:45 | 000,064,651 | ---- | C] () -- C:\Users\Owner\Desktop\review_lod_1.jpg
[2012/05/13 13:32:32 | 000,038,955 | ---- | C] () -- C:\Users\Owner\Desktop\review_lod_10.jpg
[2012/05/13 13:19:17 | 000,153,748 | ---- | C] () -- C:\Users\Owner\Desktop\devil-1600x1200.jpg
[2012/05/09 10:50:14 | 000,000,842 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/04/07 14:26:41 | 000,007,432 | ---- | C] () -- C:\Windows\System32\Machnm32.sys
[2012/03/12 22:37:42 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2012/02/29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011/01/24 12:24:12 | 000,004,608 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/23 20:55:28 | 000,524,288 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/01/23 20:55:28 | 000,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/01/22 13:35:14 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/01/22 13:34:26 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/01/22 13:34:26 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/01/21 16:46:30 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/01/21 16:42:20 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2011/01/21 16:42:20 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2011/01/21 16:42:20 | 000,154,206 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/01/21 16:42:20 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2011/01/21 16:42:20 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2011/01/21 16:18:19 | 000,001,356 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat

========== LOP Check ==========

[2012/03/10 12:19:38 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Atari
[2011/01/23 21:43:06 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Auslogics
[2012/05/09 10:48:14 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AVG2012
[2012/04/07 14:35:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DisplayTune
[2012/03/10 12:17:32 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Leadertech
[2012/03/04 16:20:39 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Oberon Media
[2012/02/11 14:42:50 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\OpenOffice.org
[2012/03/22 14:24:03 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Ulead Systems
[2012/06/07 00:06:19 | 000,028,350 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:E36F5B57
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:23BEBB72

< End of report >

#7
Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Please delete your copy of OTL (from the Desktop).



Then download the latest version of OTL to your Desktop.
  • Double click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them in your topic.


#8
BoudiccaGruaim

    New Member

  • Topic Starter
  • Member
  • 5 posts
I did what you said, but it still didn't pop up with an Extras.txt, just the OTL.txt.

OTL logfile created on: 6/9/2012 3:13:46 PM - Run 4
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.84 Gb Available Physical Memory | 61.38% Memory free
6.23 Gb Paging File | 4.77 Gb Available in Paging File | 76.64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 450.71 Gb Total Space | 242.35 Gb Free Space | 53.77% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 4.74 Gb Free Space | 31.63% Space Free | Partition Type: NTFS
Drive G: | 3.74 Gb Total Space | 3.46 Gb Free Space | 92.54% Space Free | Partition Type: FAT32

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/09 15:13:33 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2012/05/04 13:17:40 | 000,595,216 | ---- | M] (Greatis Software) -- C:\Program Files\UnHackMe\hackmon.exe
PRC - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/04/19 04:51:54 | 001,254,992 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/03/19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/29 18:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/02/29 15:58:46 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012/02/29 15:58:36 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012/02/29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:53:14 | 000,758,112 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/17 09:58:56 | 000,939,416 | ---- | M] (Razer USA Ltd) -- C:\Program Files\Razer\Anansi\RazerAnansiSysTray.exe
PRC - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/01/17 19:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 19:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/06/30 16:46:44 | 000,146,032 | ---- | M] (Portrait Displays Inc.) -- C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
PRC - [2010/06/30 16:46:32 | 000,121,456 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2010/06/30 16:46:30 | 001,264,240 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files\Acer Display\eDisplay Management\dthtml.exe
PRC - [2010/05/13 16:34:48 | 000,711,792 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Pro Plugin\Floater.exe
PRC - [2010/05/13 16:34:42 | 000,674,928 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
PRC - [2010/04/16 15:34:34 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009/04/11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/09/12 03:40:46 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
PRC - [2007/09/12 03:40:44 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\System32\stacsv.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/09 03:39:05 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
MOD - [2012/05/09 03:37:49 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef684a2ee2f7276eec3973a0654d2bd4\System.Web.ni.dll
MOD - [2012/05/09 03:37:43 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012/05/09 03:34:07 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/05/09 03:33:54 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4d54640bacd18e047a4573cb4611bd3\System.Windows.Forms.ni.dll
MOD - [2012/05/09 03:33:44 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5d8696f15e49aedf883dd945806a7049\System.Drawing.ni.dll
MOD - [2012/05/09 03:32:30 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/05/09 03:32:14 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012/02/12 21:33:04 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2011/07/28 18:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/01/21 16:44:13 | 001,675,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2861.39845__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2011/01/21 16:44:13 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2861.40070__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2011/01/21 16:44:13 | 000,245,760 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2861.39803__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2011/01/21 16:44:13 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2861.39858__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2011/01/21 16:44:13 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2861.40076__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2011/01/21 16:44:13 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.2861.40095__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.dll
MOD - [2011/01/21 16:44:13 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2861.39817__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2011/01/21 16:44:13 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2861.39837__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2011/01/21 16:44:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2861.39824__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2011/01/21 16:44:13 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.2861.40095__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2011/01/21 16:44:13 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.2861.40094__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2011/01/21 16:44:13 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.2861.40094__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2011/01/21 16:44:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2861.39825__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2011/01/21 16:44:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2861.39865__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2011/01/21 16:44:12 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2861.40018__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2011/01/21 16:44:11 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2820.26372__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2820.26370__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2011/01/21 16:44:11 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2011/01/21 16:44:11 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2820.26369__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2011/01/21 16:44:11 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2820.26409__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2011/01/21 16:44:11 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2820.26370__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2820.26382__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2820.26375__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2820.26371__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2820.26371__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2820.26371__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2820.26375__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2820.26381__90ba9c70f846762e\DEM.OS.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2820.26382__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2820.26383__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2820.26382__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2820.26385__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2820.26376__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2820.26386__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2011/01/21 16:44:11 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2011/01/21 16:44:10 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2820.26387__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2011/01/21 16:44:10 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2820.26396__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2011/01/21 16:44:10 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2820.26383__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2011/01/21 16:44:09 | 000,471,040 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2861.39832__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2011/01/21 16:44:09 | 000,458,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2861.40053__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2011/01/21 16:44:09 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2861.40061__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2011/01/21 16:44:09 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2861.39795__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2011/01/21 16:44:09 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2861.40060__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2011/01/21 16:44:09 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2011/01/21 16:44:09 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2011/01/21 16:44:09 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2861.40086__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2011/01/21 16:44:09 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2011/01/21 16:44:09 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2820.26394__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2011/01/21 16:44:09 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2820.26370__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2011/01/21 16:44:09 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2011/01/21 16:44:09 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2820.26376__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2011/01/21 16:44:09 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2820.26375__90ba9c70f846762e\APM.Foundation.dll
MOD - [2011/01/21 16:44:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2011/01/21 16:44:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2820.26372__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2011/01/21 16:44:09 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2861.40096__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2011/01/21 16:44:09 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2861.39795__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2011/01/21 16:44:08 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2861.39811__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2011/01/21 16:44:08 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2861.39795__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2011/01/21 16:44:08 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2011/01/21 16:44:08 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2861.40061__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2011/01/21 16:44:08 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2011/01/21 16:44:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2820.26376__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2011/01/21 16:44:07 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2861.39793__90ba9c70f846762e\APM.Server.dll
MOD - [2011/01/21 16:44:06 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2861.39794__90ba9c70f846762e\AEM.Server.dll
MOD - [2010/06/30 16:46:42 | 000,236,144 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\DThook.dll
MOD - [2010/06/30 16:46:26 | 000,084,592 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Plugins\CC\gui.dll
MOD - [2010/06/30 16:37:38 | 000,172,032 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\PresetsCOM.dll
MOD - [2010/05/13 16:34:48 | 000,711,792 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Pro Plugin\Floater.exe
MOD - [2010/05/13 16:34:42 | 000,674,928 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe


========== Win32 Services (SafeList) ==========

SRV - [2012/06/08 02:31:07 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/05/04 09:34:11 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/02/29 18:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/02/29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/06/30 16:46:32 | 000,121,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2010/04/16 15:34:34 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2008/01/19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/12 03:40:44 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Owner\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012/05/30 20:56:46 | 000,035,816 | ---- | M] (Greatis Software) [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\Partizan.sys -- (Partizan)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/03/19 05:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/02/29 18:59:00 | 010,819,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012/02/22 05:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012/01/17 07:45:56 | 000,148,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2011/10/11 18:36:12 | 000,135,296 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RzSynapse.sys -- (RzSynapse)
DRV - [2010/04/16 15:34:10 | 000,017,136 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PdiPorts.sys -- (PdiPorts)
DRV - [2009/04/10 22:42:54 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2007/11/02 00:20:12 | 003,170,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/09/12 03:44:34 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2007/05/06 18:12:02 | 000,326,656 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2006/11/02 02:41:53 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2145506375-2984372104-633398988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-2145506375-2984372104-633398988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7B 40 5D C6 BA 42 CD 01 [binary data]
IE - HKU\S-1-5-21-2145506375-2984372104-633398988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2145506375-2984372104-633398988-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2145506375-2984372104-633398988-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-2145506375-2984372104-633398988-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.facebook....riwestern.edu/"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/05/29 10:00:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/03/31 21:30:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/05/09 10:49:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/04 09:34:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/12 03:27:42 | 000,000,000 | ---D | M]

[2012/02/05 20:13:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions
[2012/06/05 15:36:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\9ofhl484.default\extensions
[2012/05/22 22:13:15 | 000,000,000 | ---D | M] (DoNotTrackPlus) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\9ofhl484.default\extensions\[email protected]
[2012/02/17 14:06:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/06/05 15:36:17 | 000,525,079 | ---- | M] () (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9OFHL484.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2012/05/22 22:13:15 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9OFHL484.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/05/22 22:13:12 | 000,118,971 | ---- | M] () (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9OFHL484.DEFAULT\EXTENSIONS\[email protected]
[2012/05/04 09:34:11 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/01/29 08:36:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/29 08:36:35 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Owner\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AVG Safe Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\
CHR - Extension: AVG Do Not Track = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DT ACR] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PivotSoftware] C:\Program Files\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe ()
O4 - HKLM..\Run: [Razer Anansi Driver] C:\Program Files\Razer\Anansi\RazerAnansiSysTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKU\S-1-5-21-2145506375-2984372104-633398988-1000..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2145506375-2984372104-633398988-1002..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O4 - HKLM..\RunOnceEx: [Title] UnHackMe Rootkit Check File not found
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2145506375-2984372104-633398988-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2145506375-2984372104-633398988-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2145506375-2984372104-633398988-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.3.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D38FC0F2-8E84-40B6-8A2E-CC5EA5127C67}: DhcpNameServer = 192.168.3.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Owner\Desktop\backgrounds\dethklok_5_wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Owner\Desktop\backgrounds\dethklok_5_wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O34 - HKLM BootExecute: (Partizan)
O34 - HKLM BootExecute: (x\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9})
O34 - HKLM BootExecute: (漀瀀)
O34 - HKLM BootExecute: (䀀猀栀攀氀氀㌀㈀⸀搀氀氀Ⰰⴀ㈀㄀)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/07 20:46:47 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/06/07 20:45:50 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/06/04 16:01:51 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\temp
[2012/06/04 15:50:05 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/06/04 15:50:05 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/06/04 15:50:05 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/06/04 15:49:54 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/06/04 15:49:50 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/06/04 14:19:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\tdsskiller(2)
[2012/06/04 14:12:25 | 004,539,477 | R--- | C] (Swearware) -- C:\Users\Owner\Desktop\ComboFix.exe
[2012/06/04 14:11:41 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Owner\Desktop\aswMBR.exe
[2012/05/31 13:42:22 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012/05/31 13:42:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/05/31 00:15:50 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/05/30 21:09:24 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\Owner\Desktop\HiJackThis.exe
[2012/05/30 20:56:46 | 000,039,184 | ---- | C] (Greatis Software) -- C:\Windows\System32\Partizan.exe
[2012/05/30 20:56:46 | 000,035,816 | ---- | C] (Greatis Software) -- C:\Windows\System32\drivers\Partizan.sys
[2012/05/30 20:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\RegRun
[2012/05/30 20:56:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\RegRun2
[2012/05/30 20:56:27 | 000,012,800 | ---- | C] (Greatis Software, LLC.) -- C:\Windows\System32\drivers\UnHackMeDrv.sys
[2012/05/30 20:56:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
[2012/05/30 20:56:27 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\regruninfo
[2012/05/30 20:56:24 | 000,000,000 | ---D | C] -- C:\Program Files\UnHackMe
[2012/05/29 10:00:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/05/22 23:10:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/05/22 23:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

========== Files - Modified Within 30 Days ==========

[2012/06/09 15:13:33 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/06/09 14:33:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2145506375-2984372104-633398988-1000UA.job
[2012/06/09 14:29:47 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/09 14:29:47 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/09 09:11:27 | 100,097,793 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/06/08 17:25:54 | 000,495,292 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/06/08 15:33:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2145506375-2984372104-633398988-1000Core.job
[2012/06/08 14:47:52 | 000,021,109 | ---- | M] () -- C:\Users\Owner\Desktop\newsfeed.jpg
[2012/06/08 02:34:21 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/08 02:34:21 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/08 02:29:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/07 22:15:57 | 000,000,512 | ---- | M] () -- C:\Users\Owner\Desktop\MBR.dat
[2012/06/07 20:49:31 | 000,002,523 | ---- | M] () -- C:\Users\Owner\Desktop\HiJackThis.lnk
[2012/06/07 20:35:11 | 004,539,477 | R--- | M] (Swearware) -- C:\Users\Owner\Desktop\ComboFix.exe
[2012/06/07 17:21:16 | 000,229,837 | ---- | M] () -- C:\Users\Owner\Desktop\Flathead Catfish 77_7001-thumb-405x640-10532.jpg
[2012/06/06 22:35:50 | 000,169,821 | ---- | M] () -- C:\Users\Owner\Desktop\prof66.jpg
[2012/06/06 21:45:27 | 000,125,522 | ---- | M] () -- C:\Users\Owner\Desktop\ys.jpg
[2012/06/06 21:35:30 | 000,118,929 | ---- | M] () -- C:\Users\Owner\Desktop\dreamindemon.jpg
[2012/06/04 20:35:40 | 000,069,729 | ---- | M] () -- C:\Users\Owner\Documents\comp1g2gie.jpg
[2012/06/04 14:12:19 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Owner\Desktop\aswMBR.exe
[2012/05/31 13:34:15 | 001,402,880 | ---- | M] () -- C:\Users\Owner\Desktop\HijackThis.msi
[2012/05/30 21:09:25 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\Owner\Desktop\HiJackThis.exe
[2012/05/30 20:56:46 | 000,039,184 | ---- | M] (Greatis Software) -- C:\Windows\System32\Partizan.exe
[2012/05/30 20:56:46 | 000,035,816 | ---- | M] (Greatis Software) -- C:\Windows\System32\drivers\Partizan.sys
[2012/05/30 20:56:31 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/05/30 20:56:31 | 000,001,688 | ---- | M] () -- C:\Windows\System32\autoexec.nt
[2012/05/30 20:56:31 | 000,000,002 | RHS- | M] () -- C:\Windows\winstart.bat
[2012/05/30 20:56:28 | 000,000,752 | ---- | M] () -- C:\Users\Owner\Desktop\UnHackMe.lnk
[2012/05/30 20:56:00 | 011,891,666 | ---- | M] () -- C:\Users\Owner\Desktop\unhackme.zip
[2012/05/29 10:00:56 | 000,000,842 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/05/26 20:21:10 | 000,830,270 | ---- | M] () -- C:\Users\Owner\Desktop\sade_120_days_pdf.zip
[2012/05/23 23:35:33 | 000,002,042 | ---- | M] () -- C:\Users\Owner\Desktop\Google Chrome.lnk
[2012/05/23 23:35:33 | 000,002,004 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/05/23 21:09:21 | 000,238,914 | ---- | M] () -- C:\Users\Owner\Documents\wbccollage.jpg
[2012/05/22 23:17:17 | 000,013,892 | ---- | M] () -- C:\Users\Owner\Documents\cc_20120522_231707.reg
[2012/05/22 23:16:46 | 000,094,248 | ---- | M] () -- C:\Users\Owner\Documents\cc_20120522_231630.reg
[2012/05/22 23:10:55 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/05/22 22:10:51 | 000,357,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/05/20 20:31:52 | 000,088,194 | ---- | M] () -- C:\Users\Owner\Desktop\rof.jpg
[2012/05/19 20:12:54 | 000,018,957 | ---- | M] () -- C:\Users\Owner\Desktop\metal.jpg
[2012/05/15 02:16:08 | 000,040,130 | ---- | M] () -- C:\Users\Owner\Desktop\225.jpg
[2012/05/14 22:31:01 | 000,042,200 | ---- | M] () -- C:\Users\Owner\Desktop\540372_143668185766692_100003705349347_174945_1648790776_n.jpg
[2012/05/14 17:04:18 | 000,087,130 | ---- | M] () -- C:\Users\Owner\Desktop\_c864077_image_0.jpg
[2012/05/13 20:37:26 | 000,819,046 | ---- | M] () -- C:\Users\Owner\Desktop\Flames.jpg
[2012/05/13 13:47:20 | 000,026,899 | ---- | M] () -- C:\Users\Owner\Desktop\baphomet.jpg
[2012/05/13 13:46:54 | 000,223,500 | ---- | M] () -- C:\Users\Owner\Desktop\Satan.png
[2012/05/13 13:46:19 | 000,043,192 | ---- | M] () -- C:\Users\Owner\Desktop\satanskull.jpg
[2012/05/13 13:45:26 | 000,369,059 | ---- | M] () -- C:\Users\Owner\Desktop\graveyard-of-[bleep]-satanic.jpg
[2012/05/13 13:32:52 | 000,033,520 | ---- | M] () -- C:\Users\Owner\Desktop\review_lod_3.jpg
[2012/05/13 13:32:45 | 000,064,651 | ---- | M] () -- C:\Users\Owner\Desktop\review_lod_1.jpg
[2012/05/13 13:32:33 | 000,038,955 | ---- | M] () -- C:\Users\Owner\Desktop\review_lod_10.jpg
[2012/05/13 13:19:18 | 000,153,748 | ---- | M] () -- C:\Users\Owner\Desktop\devil-1600x1200.jpg

========== Files Created - No Company Name ==========

[2012/06/08 14:47:52 | 000,021,109 | ---- | C] () -- C:\Users\Owner\Desktop\newsfeed.jpg
[2012/06/07 17:21:15 | 000,229,837 | ---- | C] () -- C:\Users\Owner\Desktop\Flathead Catfish 77_7001-thumb-405x640-10532.jpg
[2012/06/06 22:35:49 | 000,169,821 | ---- | C] () -- C:\Users\Owner\Desktop\prof66.jpg
[2012/06/06 21:45:27 | 000,125,522 | ---- | C] () -- C:\Users\Owner\Desktop\ys.jpg
[2012/06/06 21:35:30 | 000,118,929 | ---- | C] () -- C:\Users\Owner\Desktop\dreamindemon.jpg
[2012/06/04 20:35:40 | 000,069,729 | ---- | C] () -- C:\Users\Owner\Documents\comp1g2gie.jpg
[2012/06/04 15:50:05 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/06/04 15:50:05 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/06/04 15:50:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/06/04 15:50:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/06/04 15:50:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/06/04 14:56:52 | 000,000,512 | ---- | C] () -- C:\Users\Owner\Desktop\MBR.dat
[2012/05/31 13:42:22 | 000,002,523 | ---- | C] () -- C:\Users\Owner\Desktop\HiJackThis.lnk
[2012/05/31 13:34:08 | 001,402,880 | ---- | C] () -- C:\Users\Owner\Desktop\HijackThis.msi
[2012/05/30 20:56:31 | 000,000,002 | RHS- | C] () -- C:\Windows\winstart.bat
[2012/05/30 20:56:28 | 000,000,752 | ---- | C] () -- C:\Users\Owner\Desktop\UnHackMe.lnk
[2012/05/30 20:54:51 | 011,891,666 | ---- | C] () -- C:\Users\Owner\Desktop\unhackme.zip
[2012/05/26 20:21:04 | 000,830,270 | ---- | C] () -- C:\Users\Owner\Desktop\sade_120_days_pdf.zip
[2012/05/23 21:09:21 | 000,238,914 | ---- | C] () -- C:\Users\Owner\Documents\wbccollage.jpg
[2012/05/22 23:17:11 | 000,013,892 | ---- | C] () -- C:\Users\Owner\Documents\cc_20120522_231707.reg
[2012/05/22 23:16:35 | 000,094,248 | ---- | C] () -- C:\Users\Owner\Documents\cc_20120522_231630.reg
[2012/05/22 23:10:55 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/05/20 20:31:52 | 000,088,194 | ---- | C] () -- C:\Users\Owner\Desktop\rof.jpg
[2012/05/19 20:12:54 | 000,018,957 | ---- | C] () -- C:\Users\Owner\Desktop\metal.jpg
[2012/05/14 22:56:41 | 000,040,130 | ---- | C] () -- C:\Users\Owner\Desktop\225.jpg
[2012/05/14 22:29:36 | 000,042,200 | ---- | C] () -- C:\Users\Owner\Desktop\540372_143668185766692_100003705349347_174945_1648790776_n.jpg
[2012/05/14 17:04:17 | 000,087,130 | ---- | C] () -- C:\Users\Owner\Desktop\_c864077_image_0.jpg
[2012/05/13 20:37:25 | 000,819,046 | ---- | C] () -- C:\Users\Owner\Desktop\Flames.jpg
[2012/05/13 13:47:19 | 000,026,899 | ---- | C] () -- C:\Users\Owner\Desktop\baphomet.jpg
[2012/05/13 13:46:53 | 000,223,500 | ---- | C] () -- C:\Users\Owner\Desktop\Satan.png
[2012/05/13 13:46:19 | 000,043,192 | ---- | C] () -- C:\Users\Owner\Desktop\satanskull.jpg
[2012/05/13 13:45:25 | 000,369,059 | ---- | C] () -- C:\Users\Owner\Desktop\graveyard-of-[bleep]-satanic.jpg
[2012/05/13 13:32:51 | 000,033,520 | ---- | C] () -- C:\Users\Owner\Desktop\review_lod_3.jpg
[2012/05/13 13:32:45 | 000,064,651 | ---- | C] () -- C:\Users\Owner\Desktop\review_lod_1.jpg
[2012/05/13 13:32:32 | 000,038,955 | ---- | C] () -- C:\Users\Owner\Desktop\review_lod_10.jpg
[2012/05/13 13:19:17 | 000,153,748 | ---- | C] () -- C:\Users\Owner\Desktop\devil-1600x1200.jpg
[2012/04/07 14:26:41 | 000,007,432 | ---- | C] () -- C:\Windows\System32\Machnm32.sys
[2012/03/12 22:37:42 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2012/02/29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011/01/24 12:24:12 | 000,004,608 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/23 20:55:28 | 000,524,288 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/01/23 20:55:28 | 000,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/01/22 13:35:14 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/01/22 13:34:26 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/01/22 13:34:26 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/01/21 16:46:30 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/01/21 16:42:20 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2011/01/21 16:42:20 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2011/01/21 16:42:20 | 000,154,206 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/01/21 16:42:20 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2011/01/21 16:42:20 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2011/01/21 16:18:19 | 000,001,356 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat

========== LOP Check ==========

[2012/03/10 12:19:38 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Atari
[2011/01/23 21:43:06 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Auslogics
[2012/05/09 10:48:14 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AVG2012
[2012/04/07 14:35:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DisplayTune
[2012/03/10 12:17:32 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Leadertech
[2012/03/04 16:20:39 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Oberon Media
[2012/02/11 14:42:50 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\OpenOffice.org
[2012/03/22 14:24:03 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Ulead Systems
[2012/06/08 02:28:41 | 000,028,722 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:E36F5B57
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:23BEBB72

< End of report >

#9
Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Sorry for my very late reply.

All of your log files appear to be clean, so I don't think your problem is caused by malware. I suggest you start a new topic about the problem here. :thumbsup: