Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Java Agent Virus and possibly others

Started by joeebel , Jun 05 2012 08:22 PM

  • Please log in to reply

#1
joeebel
Posted 05 June 2012 - 08:22 PM

joeebel

    New Member

  • Member
  • Pip
  • 1 posts
A couple weeks ago my computer started to randomly freeze up (except for the mouse) a few minutes after startup. My first reaction was to do a boottime scan with avast free antivirus which discovered multiple Java Agent Viruses in my Java deployment cache. I "sent them to chest" and cleared my Java cache, but my computer kept freezing within 30 minutes of starting up. The last few times I powered it up, I noticed it was starting very slowly, so I am fairly sure this is a virus and not a hardware issue.

I have a few other symptoms that I believe may be the result of hardware malfunctions(I think I may have damaged some drivers by hard rebooting the machine after it freezes).

These symptoms include:
-multiple blue screen of death (I notice these more commonly in safe mode and once on startup)
-webcam initialization failure notice
-USB device not recognized notice (I have no USB device plugged in)
-Random distorted sounds on login screen (uncommon)

As a side note, I do not think that moving the viruses to the chest using avast makes them harmless and I do not think they were deleted when I cleared the cache.

Here are the names and virus definitions of the viruses found by my Avast scan:


NAME ---------------------- VIRUS
rotor\zalux$zordo.class --- Java:Agent-TB[Expl]
rotor\zalux.class --------- Java:Agent-WY[Expl]
rotor\Zo666.class --------- Java:Agent-ZZ[Expl]
rotor\Zom.class ----------- Java:Agent-ZW[Expl]
rotor\Zom2.class ---------- Java:Agent-ATN[Expl]
rotor\Glocker.class ------- Java:Agent-ZY[Expl]
rotor\zalux$1.class ------- Java:Agent-ZX[Expl]
CustomClass.class --------- Java:Jade-B[Heur]
dostuff.class ------------- Java:Agent-QO[Trj]
evilPolicy.class ---------- Java:Malware-gen[Trj]
mosdef.class -------------- Java:Agent-BA[Expl]
SiteError.class ----------- Java:CVE-2010-0094-A[Expl]
33abbce1-27973768 --------- Java:CVE-2011-3544-AQ[Expl]
20f2605e-298b46b7 --------- Java:CVE-2011-3544-AS[Expl]
folder\Zamena.class ------- Java:Agent-GA[Expl]
folder\Glocker.class ------ Java:Agent-EC[Expl]
folder\Glockbus.class ----- Java:Agent-DK[Expl]

All of these were found in the Java Deployment Cache
(I had to type those so I hope the spelling is all right)

Thank you in advance for any help you can give me.

Here is my OTL log:




OTL logfile created on: 6/5/2012 8:16:39 PM - Run 1
OTL by OldTimer - Version 3.2.46.1 Folder = C:\Users\Joe\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.84 Gb Total Physical Memory | 1.44 Gb Available Physical Memory | 50.73% Memory free
5.68 Gb Paging File | 3.75 Gb Available in Paging File | 66.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.48 Gb Total Space | 213.43 Gb Free Space | 73.98% Space Free | Partition Type: NTFS

Computer Name: JOE-PC | User Name: Joe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/05 20:15:36 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Joe\Downloads\OTL.exe
PRC - [2012/05/24 13:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Joe\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/05/20 16:27:22 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox 4.0 Beta 7\firefox.exe
PRC - [2012/05/20 16:27:20 | 000,016,864 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugin-container.exe
PRC - [2012/05/10 17:54:32 | 000,161,336 | ---- | M] (Google) -- C:\Users\Joe\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2012/05/03 14:10:02 | 002,446,872 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2012/05/03 14:07:06 | 000,073,360 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2012/04/30 14:05:22 | 000,497,280 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2012/04/30 14:04:28 | 000,738,944 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
PRC - [2012/03/06 18:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/03/06 18:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/12/26 14:06:50 | 000,743,560 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe
PRC - [2011/12/23 00:09:56 | 000,023,176 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe
PRC - [2011/12/23 00:09:46 | 000,070,792 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe
PRC - [2011/12/23 00:09:46 | 000,061,064 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
PRC - [2011/09/22 13:43:28 | 000,645,048 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
PRC - [2011/09/02 02:15:40 | 000,227,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
PRC - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 07:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/08 13:39:34 | 000,047,768 | ---- | M] (National Instruments Corporation) -- C:\Program Files\National Instruments\Shared\NI WebServer\SystemWebServer.exe
PRC - [2010/11/08 13:38:18 | 000,047,776 | ---- | M] (National Instruments Corporation) -- C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
PRC - [2010/10/20 13:59:28 | 000,752,304 | ---- | M] (National Instruments Corporation) -- C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe
PRC - [2010/09/02 12:52:12 | 000,989,184 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
PRC - [2010/08/31 15:24:26 | 000,319,574 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
PRC - [2010/08/31 15:21:48 | 000,102,503 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
PRC - [2010/08/31 15:20:20 | 000,147,563 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
PRC - [2010/07/30 15:28:08 | 000,194,224 | ---- | M] (National Instruments Corporation) -- C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
PRC - [2010/06/23 13:14:54 | 000,131,776 | ---- | M] (National Instruments Corporation) -- C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe
PRC - [2010/06/18 21:58:10 | 000,012,696 | ---- | M] (National Instruments Corporation) -- C:\Program Files\National Instruments\MAX\nimxs.exe
PRC - [2010/06/14 13:39:48 | 000,018,584 | ---- | M] (National Instruments Corporation) -- C:\Windows\System32\nipxism.exe
PRC - [2010/04/20 09:21:12 | 000,109,712 | ---- | M] (National Instruments Corporation) -- C:\Program Files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe
PRC - [2010/03/24 14:23:06 | 000,012,696 | ---- | M] (National Instruments Corporation) -- C:\Windows\System32\nipalsm.exe
PRC - [2010/03/10 10:17:10 | 000,358,448 | ---- | M] (National Instruments Corporation) -- C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
PRC - [2010/03/10 10:17:04 | 000,053,808 | ---- | M] (National Instruments Corporation) -- C:\Windows\System32\lktsrv.exe
PRC - [2010/03/10 10:17:02 | 000,043,056 | ---- | M] (National Instruments Corporation) -- C:\Windows\System32\lkads.exe
PRC - [2009/12/03 10:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2009/09/29 12:56:52 | 000,695,136 | ---- | M] (National Instruments, Inc.) -- C:\Windows\System32\lkcitdl.exe
PRC - [2009/09/14 02:00:00 | 000,200,704 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIGGA.EXE
PRC - [2009/08/17 13:48:46 | 001,294,136 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
PRC - [2009/08/17 13:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
PRC - [2009/08/11 19:09:54 | 000,185,712 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe
PRC - [2009/08/11 19:09:38 | 001,324,384 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TECO\TEco.exe
PRC - [2009/08/11 14:37:50 | 002,446,648 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
PRC - [2009/08/10 22:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
PRC - [2009/08/06 20:05:18 | 000,583,024 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
PRC - [2009/08/06 20:04:56 | 000,685,424 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
PRC - [2009/08/05 17:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2009/08/05 17:18:08 | 000,476,512 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2009/08/05 17:04:54 | 000,738,616 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2009/08/03 20:16:50 | 001,021,272 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
PRC - [2009/08/03 20:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
PRC - [2009/07/28 23:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/07/28 17:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2009/07/28 17:00:10 | 000,460,088 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2009/07/13 20:14:41 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StikyNot.exe
PRC - [2009/07/13 18:24:00 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009/07/07 12:37:32 | 000,062,832 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe
PRC - [2009/03/27 21:10:56 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2009/03/10 21:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009/01/14 00:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
PRC - [2008/09/25 18:49:00 | 000,195,080 | ---- | M] (LSI Corp.) -- C:\Program Files\ltmoh\ltmoh.exe
PRC - [2008/05/16 23:12:54 | 000,290,816 | ---- | M] (Pharos Systems International) -- C:\Program Files\PharosSystems\Core\CTskMstr.exe
PRC - [2007/03/29 15:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/20 16:27:21 | 002,042,336 | ---- | M] () -- C:\Program Files\Mozilla Firefox 4.0 Beta 7\mozjs.dll
MOD - [2012/05/20 12:18:03 | 000,212,992 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\efb741df80921d51e0f19679751ebf55\System.ServiceProcess.ni.dll
MOD - [2012/05/20 12:17:08 | 012,433,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\79b487ba3d893f59ce7e697d06721dd0\System.Windows.Forms.ni.dll
MOD - [2012/05/20 12:17:01 | 001,587,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\1dce8ad4aa93ed395af726c0e510846e\System.Drawing.ni.dll
MOD - [2012/05/20 12:16:39 | 005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/20 12:16:35 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/20 12:16:33 | 007,967,232 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/20 12:16:15 | 011,492,864 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/05/10 21:13:59 | 008,797,856 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2011/12/23 00:08:28 | 000,051,848 | ---- | M] () -- C:\Program Files\EaseUS\Todo Backup\bin\CodeLog.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/08/31 15:20:22 | 000,028,672 | ---- | M] () -- C:\Windows\System32\BsMobileCSps.dll
MOD - [2010/08/23 16:08:11 | 008,007,680 | ---- | M] () -- C:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2010/04/12 10:19:56 | 000,237,568 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\Mobile\BaseLib.dll
MOD - [2010/03/31 22:59:22 | 000,122,880 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\Mobile\s40pack.dll
MOD - [2009/08/03 20:17:24 | 000,079,192 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
MOD - [2009/07/29 18:35:38 | 000,014,648 | ---- | M] () -- C:\Program Files\TOSHIBA\TBS\NotifyTBS.dll
MOD - [2009/07/25 13:07:12 | 000,058,704 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
MOD - [2009/07/16 18:27:48 | 000,052,536 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
MOD - [2009/07/16 18:27:44 | 007,263,544 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
MOD - [2009/06/22 17:38:40 | 000,015,160 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
MOD - [2009/03/12 22:08:04 | 000,049,152 | ---- | M] () -- C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll
MOD - [2003/05/01 18:23:28 | 000,041,472 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\Mobile\CsCvt.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2012/05/20 16:27:21 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/03 14:10:02 | 002,446,872 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2012/04/30 14:05:22 | 000,497,280 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)
SRV - [2012/03/06 18:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/12/23 00:09:56 | 000,023,176 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto | Running] -- C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe -- (Guard Agent)
SRV - [2011/12/23 00:09:46 | 000,061,064 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto | Running] -- C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe -- (EaseUS Agent)
SRV - [2011/09/22 13:43:28 | 000,645,048 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)
SRV - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/06/12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/11/20 07:19:33 | 000,068,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc)
SRV - [2010/11/08 13:39:34 | 000,047,768 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files\National Instruments\Shared\NI WebServer\SystemWebServer.exe -- (niSvcLoc)
SRV - [2010/11/08 13:38:18 | 000,047,776 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe -- (NIApplicationWebServer)
SRV - [2010/11/04 20:52:39 | 000,128,848 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010/10/20 13:59:28 | 000,752,304 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe -- (NITaggerService)
SRV - [2010/09/02 12:52:12 | 000,989,184 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS)
SRV - [2010/09/01 15:52:56 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2010/08/31 15:21:48 | 000,102,503 | ---- | M] (IVT Corporation) [On_Demand | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS)
SRV - [2010/08/31 15:20:20 | 000,147,563 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe -- (BsMobileCS)
SRV - [2010/07/30 15:28:08 | 000,194,224 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe -- (nimDNSResponder)
SRV - [2010/06/23 13:14:54 | 000,131,776 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe -- (niLXIDiscovery)
SRV - [2010/06/18 21:58:10 | 000,012,696 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files\National Instruments\MAX\nimxs.exe -- (mxssvr)
SRV - [2010/06/14 13:39:48 | 000,018,584 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\System32\nipxism.exe -- (nipxirmu)
SRV - [2010/05/17 18:18:44 | 001,007,616 | ---- | M] (Macrovision Corporation) [Disabled | Stopped] -- C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe -- (NILM License Manager)
SRV - [2010/04/26 18:09:05 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/03/24 14:23:06 | 000,012,696 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\System32\nipalsm.exe -- (nidevldu)
SRV - [2010/03/24 14:23:06 | 000,012,696 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\System32\nipalsm.exe -- (ni488enumsvc)
SRV - [2010/03/10 10:17:10 | 000,358,448 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe -- (NIDomainService)
SRV - [2010/03/10 10:17:04 | 000,053,808 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\System32\lktsrv.exe -- (lkTimeSync)
SRV - [2010/03/10 10:17:02 | 000,043,056 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\System32\lkads.exe -- (lkClassAds)
SRV - [2009/10/20 13:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009/09/29 12:56:52 | 000,695,136 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Windows\System32\lkcitdl.exe -- (LkCitadelServer)
SRV - [2009/08/17 13:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/08/11 19:09:54 | 000,185,712 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV - [2009/08/10 22:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -- (cfWiMAXService)
SRV - [2009/08/06 20:04:56 | 000,685,424 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV - [2009/08/05 17:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009/08/03 20:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2009/07/28 17:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/13 20:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess)
SRV - [2009/07/13 20:15:00 | 000,064,512 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\bthserv.dll -- (bthserv)
SRV - [2009/07/07 12:37:32 | 000,062,832 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe -- (RSELSVC)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/03 10:26:34 | 000,098,304 | ---- | M] (OPC Foundation) [On_Demand | Stopped] -- C:\Windows\System32\Opcenum.exe -- (OpcEnum)
SRV - [2009/03/27 21:10:56 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2009/03/10 21:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/09/08 08:59:00 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/05/16 23:12:54 | 000,290,816 | ---- | M] (Pharos Systems International) [Auto | Running] -- C:\Program Files\PharosSystems\Core\CTskMstr.exe -- (Pharos Systems ComTaskMaster)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\usb6xxxkl.sys -- (usb6xxxk)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\nimsrlk.dll -- (nimsrlk)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\nimslk.dll -- (nimslk)
DRV - File not found [Kernel | Disabled | Unknown] -- C:\windows\TEMP\mc219B7.tmp -- (mchInjDrv)
DRV - [2012/04/30 14:05:40 | 000,027,016 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2012/03/06 18:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/06 18:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/06 18:02:14 | 000,044,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012/03/06 18:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/06 18:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/03/06 18:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/01/09 18:59:32 | 000,468,272 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2012/01/09 18:59:30 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1)
DRV - [2012/01/09 18:59:30 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2011/12/23 00:09:40 | 000,187,016 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\EuFdDisk.sys -- (EUFDDISK)
DRV - [2011/12/23 00:09:38 | 000,044,680 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\EUBKMON.sys -- (EUBKMON)
DRV - [2011/12/23 00:09:32 | 000,017,032 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\eudskacs.sys -- (EUDSKACS)
DRV - [2011/12/23 00:09:30 | 000,050,312 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\eubakup.sys -- (EUBAKUP)
DRV - [2011/08/03 15:27:28 | 000,019,192 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vpnva.sys -- (vpnva)
DRV - [2011/05/13 03:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/05/13 03:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011/05/13 03:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2011/05/13 03:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011/05/07 18:51:28 | 000,455,256 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2011/01/18 12:48:02 | 000,011,968 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nipalfwedl.sys -- (nipalfwedl)
DRV - [2011/01/18 12:44:52 | 000,011,968 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nipalusbedl.sys -- (nipalusbedl)
DRV - [2011/01/18 12:26:58 | 000,573,592 | ---- | M] (National Instruments Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nipalk.sys -- (NIPALK)
DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 03:42:28 | 000,246,784 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2010/10/31 21:28:04 | 000,011,928 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nidsarkl.sys -- (nidsark)
DRV - [2010/10/31 21:04:28 | 000,011,920 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\niwfrkl.sys -- (niwfrk)
DRV - [2010/10/31 20:48:26 | 000,011,920 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nissrkl.sys -- (nissrk)
DRV - [2010/10/31 20:27:50 | 000,011,920 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\niesrkl.sys -- (niesrk)
DRV - [2010/10/31 19:51:56 | 000,011,920 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nixsrkl.sys -- (nixsrk)
DRV - [2010/10/31 19:25:58 | 000,011,944 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\niufurkl.sys -- (niufurk)
DRV - [2010/10/31 19:13:36 | 000,011,920 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nicsrkl.sys -- (nicsrk)
DRV - [2010/10/31 18:44:58 | 000,011,912 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\niraptrkl.sys -- (niraptrk)
DRV - [2010/10/31 18:31:14 | 000,011,912 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nicondrkl.sys -- (nicondrk)
DRV - [2010/10/31 18:16:26 | 000,011,952 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nicmrkl.sys -- (nicmrk)
DRV - [2010/10/31 18:04:50 | 000,011,920 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\niemrkl.sys -- (niemrk)
DRV - [2010/10/29 11:46:56 | 000,011,920 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nidmxfkl.sys -- (nidmxfk)
DRV - [2010/10/01 09:52:02 | 000,011,936 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nisdigkl.sys -- (nisdigk)
DRV - [2010/09/27 16:52:10 | 000,011,912 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nistc3rkl.sys -- (nistc3rk)
DRV - [2010/09/27 16:03:40 | 000,011,976 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nimsdrkl.sys -- (nimsdrk)
DRV - [2010/08/26 22:29:28 | 000,022,024 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcombus.sys -- (BTCOMBUS)
DRV - [2010/08/26 22:29:26 | 000,025,992 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcomport.sys -- (BTCOM)
DRV - [2010/08/18 23:19:44 | 000,017,928 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2010/07/27 20:28:22 | 000,017,544 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ni488lock.sys -- (ni488lock)
DRV - [2010/07/14 11:21:48 | 000,011,928 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nisftkl.sys -- (nisftk)
DRV - [2010/07/14 11:05:42 | 000,011,944 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ninshsdkl.sys -- (ninshsdk)
DRV - [2010/07/13 10:49:00 | 000,011,912 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\niswdkl.sys -- (niswdk)
DRV - [2010/07/12 21:53:18 | 000,011,960 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nispdkl.sys -- (nispdk)
DRV - [2010/07/12 21:41:32 | 000,011,960 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\niscdkl.sys -- (niscdk)
DRV - [2010/07/12 19:56:32 | 000,011,944 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nitiorkl.sys -- (nitiork)
DRV - [2010/07/11 10:03:12 | 000,011,952 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nimxpkl.sys -- (nimxpk)
DRV - [2010/07/11 09:54:54 | 000,011,944 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nimstskl.sys -- (nimstsk)
DRV - [2010/07/02 11:52:48 | 000,011,352 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nicdrkl.sys -- (nicdrk)
DRV - [2010/06/24 12:35:04 | 000,036,616 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2010/06/23 10:04:52 | 000,011,432 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NiViPxiKl.sys -- (NiViPxiK)
DRV - [2010/06/23 10:03:06 | 000,011,432 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NiViPciKl.sys -- (NiViPciK)
DRV - [2010/06/21 15:31:28 | 000,022,608 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ni1065k.sys -- (ni1065k)
DRV - [2010/06/21 15:31:24 | 000,011,344 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ni1045kl.sys -- (ni1045k)
DRV - [2010/06/21 15:31:14 | 000,026,192 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ni1006k.sys -- (ni1006k)
DRV - [2010/06/21 15:31:10 | 000,042,136 | ---- | M] (National Instruments Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nipxibrc.sys -- (nipxibrc)
DRV - [2010/06/21 15:31:06 | 000,058,504 | ---- | M] (National Instruments Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nipxibaf.sys -- (nipxibaf)
DRV - [2010/06/18 12:18:20 | 000,011,416 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nimxdfkl.sys -- (nimxdfk)
DRV - [2010/06/15 17:14:34 | 000,032,432 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\niede.sys -- (NIEthernetDeviceEnumerator)
DRV - [2010/06/14 14:30:06 | 000,021,144 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nipxigpk.sys -- (nipxigpk)
DRV - [2010/06/14 13:55:40 | 000,011,416 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\nipxirmkl.sys -- (nipxirmk)
DRV - [2010/06/11 14:30:04 | 000,011,432 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nidimkl.sys -- (nidimk)
DRV - [2010/06/11 14:14:12 | 000,011,424 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nimdbgkl.sys -- (nimdbgk)
DRV - [2010/04/26 18:22:42 | 001,011,232 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010/04/06 19:33:10 | 000,025,864 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2010/04/06 19:32:48 | 000,023,048 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2010/04/06 19:32:44 | 000,020,104 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2010/03/24 11:27:44 | 000,015,448 | ---- | M] (National Instruments Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nipbcfk.sys -- (nipbcfk)
DRV - [2010/01/19 10:00:00 | 000,004,096 | ---- | M] () [Kernel | Auto | Running] -- C:\windows\System32\drivers\cvintdrv.sys -- (cvintdrv)
DRV - [2009/10/20 13:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2009/08/31 14:15:46 | 000,011,360 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nistcrkl.sys -- (nistcrk)
DRV - [2009/08/24 15:08:34 | 000,011,360 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nimru2kl.sys -- (nimru2k)
DRV - [2009/07/30 19:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2009/07/24 18:57:06 | 000,275,536 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2009/07/21 17:18:58 | 001,161,760 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/17 14:13:30 | 000,171,008 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/07/14 18:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2009/07/13 20:20:28 | 000,022,096 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk)
DRV - [2009/07/13 18:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2009/07/13 18:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 18:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/13 18:11:15 | 000,070,656 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs)
DRV - [2009/07/10 09:44:52 | 000,122,880 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2009/07/02 17:55:36 | 000,036,208 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter)
DRV - [2009/06/22 20:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
DRV - [2009/06/19 22:31:08 | 000,012,920 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVALZFL.sys -- (TVALZFL)
DRV - [2009/06/14 15:32:28 | 000,011,344 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\niorbkl.sys -- (niorbk)
DRV - [2009/06/10 02:18:26 | 000,060,928 | ---- | M] (ASIX Electronics Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ax88772.sys -- (AX88772)
DRV - [2009/01/05 10:19:28 | 000,011,312 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nistc2kl.sys -- (nistc2k)
DRV - [2008/12/05 16:21:24 | 000,020,104 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvalarmk.sys -- (lvalarmk)
DRV - [2008/09/24 15:01:34 | 000,077,824 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2008/08/26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/10/30 11:41:46 | 000,704,000 | ---- | M] (Keyspan) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USA19H2k.sys -- (USA19H)
DRV - [2007/05/29 15:32:58 | 000,024,192 | ---- | M] (Keyspan) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USA19H2kp.sys -- (USA19H2KP)
DRV - [2005/08/17 07:47:48 | 000,073,696 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdserd.sys -- (sscdserd) SAMSUNG CDMA Modem Diagnostic Serial Port (WDM)
DRV - [2005/08/17 07:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005/08/17 07:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005/08/17 07:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSNA&bmod=TSNA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSNA&bmod=TSNA
IE - HKLM\..\SearchScopes,DefaultScope = {CAF2D28A-1829-4350-9DD5-8F31970CBFF1}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2611275
IE - HKLM\..\SearchScopes\{CAF2D28A-1829-4350-9DD5-8F31970CBFF1}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSNA&bmod=TSNA
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSNA&bmod=TSNA
IE - HKCU\..\SearchScopes,DefaultScope = {CAF2D28A-1829-4350-9DD5-8F31970CBFF1}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2611275
IE - HKCU\..\SearchScopes\{CAF2D28A-1829-4350-9DD5-8F31970CBFF1}: "URL" = http://www.google.co...1I7TSNA_enUS366
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd}:3.6.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:3.3.3.2
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.91: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@vizzed.com/VizzedRGR: C:\Program Files\Vizzed\Vizzed Retro Game Room\NpVizzedRgr.dll (Vizzed.com)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Joe\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Joe\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Joe\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Joe\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Joe\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Joe\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012/05/23 21:10:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/05/09 15:51:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 7\components [2012/05/28 23:07:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugins [2012/05/28 23:07:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/28 23:07:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/28 23:07:11 | 000,000,000 | ---D | M]

[2010/01/08 22:54:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Joe\AppData\Roaming\Mozilla\Extensions
[2012/05/02 05:36:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\7trfx4re.default\extensions
[2011/03/23 14:17:27 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\7trfx4re.default\extensions\[email protected]
[2010/11/13 14:14:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\7trfx4re.default\extensions\nostmp
[2012/05/23 23:17:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/05/23 23:17:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2012/05/23 23:17:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/04/20 20:18:25 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/04/20 20:18:25 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Joe\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Joe\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Chrome NaCl (Enabled) = C:\Users\Joe\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\Joe\AppData\Local\Google\Chrome\Application\18.0.1025.168\gears.dll
CHR - plugin: getPlusPlus for Adobe 16291 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: npFFApi (Enabled) = C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.53\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Joe\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Angry Birds = C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: Black Hole Sun = C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjflaldchiphekckakjglcfjiomhjobc\1_0\
CHR - Extension: avast! WebRep = C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Skype Extension = C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.7280_0\
CHR - Extension: Angry Birds Rio = C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\naiiadhmoanbcldnbnndohpiodjlojla\1.0_0\

O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [BtTray] C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe (IVT Corporation)
O4 - HKLM..\Run: [EaseUs Tray] C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe (CHENGDU YIWO Tech Development Co., Ltd)
O4 - HKLM..\Run: [EaseUs Watch] C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe (CHENGDU YIWO Tech Development Co., Ltd)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (LSI Corp.)
O4 - HKLM..\Run: [NI Background Service] C:\Program Files\National Instruments\Shared\Update Service\niupdate.exe (National Instruments)
O4 - HKLM..\Run: [niDevMon] C:\Program Files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe (National Instruments Corporation)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe (Toshiba)
O4 - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [DriverFinder] C:\Program Files\DriverFinder\DriverFinder.exe File not found
O4 - HKCU..\Run: [EPSON NX125 NX127 Series] C:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIGGA.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Joe\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Joe\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll (National Instruments Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: vizzed.com ([www] * in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 134.48.29.175 134.48.29.185
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F25185FF-2385-4EE7-B171-4A18A660F9F5}: DhcpNameServer = 134.48.29.175 134.48.29.185
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{489b64d9-9881-11e1-9a9a-001583083073}\Shell - "" = AutoRun
O33 - MountPoints2\{489b64d9-9881-11e1-9a9a-001583083073}\Shell\AutoRun\command - "" = F:\TL-Bootstrap.exe
O33 - MountPoints2\{f53147aa-605a-11e1-a0aa-001583083073}\Shell - "" = AutoRun
O33 - MountPoints2\{f53147aa-605a-11e1-a0aa-001583083073}\Shell\AutoRun\command - "" = "E:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/28 23:06:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/05/27 17:47:54 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012/05/11 09:40:01 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview
[2012/05/11 09:36:54 | 000,000,000 | ---D | C] -- C:\windows\System32\EventProviders
[2012/05/10 23:18:19 | 000,000,000 | ---D | C] -- C:\Users\Joe\UBICOMP
[2012/05/10 23:07:07 | 000,000,000 | ---D | C] -- C:\Users\Joe\Jobs
[2012/05/09 15:51:25 | 000,044,376 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswRdr2.sys
[2012/05/09 12:28:47 | 000,011,352 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\System32\drivers\kl2.sys
[2012/05/09 12:28:46 | 000,133,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\System32\drivers\kl1.sys
[2012/05/09 12:28:44 | 000,468,272 | ---- | C] (Kaspersky Lab) -- C:\windows\System32\drivers\klif.sys
[2012/05/09 12:28:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/05 20:14:40 | 000,016,304 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/05 20:14:40 | 000,016,304 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/05 20:07:09 | 000,006,586 | ---- | M] () -- C:\windows\System32\LOCALSERVICE.INI
[2012/06/05 20:05:23 | 000,000,876 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/05 20:05:15 | 000,001,327 | ---- | M] () -- C:\windows\System32\bscs.ini
[2012/06/05 20:04:43 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/06/05 20:04:36 | 2287,632,384 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/04 19:56:22 | 000,001,020 | ---- | M] () -- C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/06/04 19:56:00 | 000,000,880 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/04 19:54:03 | 000,000,900 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1583103045-1866647107-3774548051-1000UA.job
[2012/06/03 22:08:30 | 298,724,643 | ---- | M] () -- C:\windows\MEMORY.DMP
[2012/06/01 19:37:01 | 000,000,920 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1583103045-1866647107-3774548051-1000UA.job
[2012/05/28 23:54:00 | 000,000,848 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1583103045-1866647107-3774548051-1000Core.job
[2012/05/23 20:20:55 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt
[2012/05/20 12:19:37 | 000,624,178 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/05/20 12:19:37 | 000,106,522 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/05/19 12:41:07 | 000,425,536 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012/05/18 02:01:34 | 000,000,898 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1583103045-1866647107-3774548051-1000Core.job
[2012/05/09 12:48:59 | 000,415,915 | ---- | M] () -- C:\windows\System32\drivers\vsconfig.xml
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/14 17:07:40 | 000,000,307 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/02/07 20:21:16 | 000,044,680 | ---- | C] () -- C:\windows\System32\drivers\EUBKMON.sys
[2011/05/23 15:09:33 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/02/10 16:55:52 | 000,004,763 | ---- | C] () -- C:\windows\System32\SHORTCUT.INI
[2011/02/10 16:52:10 | 000,001,310 | ---- | C] () -- C:\windows\System32\REMOTEDEVICE.INI
[2011/02/10 16:51:38 | 000,006,586 | ---- | C] () -- C:\windows\System32\LOCALSERVICE.INI
[2011/02/10 16:51:09 | 000,000,276 | ---- | C] () -- C:\windows\System32\LOCALDEVICE.INI
[2011/02/10 16:47:51 | 000,000,000 | ---- | C] () -- C:\windows\System32\BSPRINT.INI
[2010/10/01 09:52:14 | 000,022,919 | ---- | C] () -- C:\windows\System32\drivers\NIUSB72F30200.bin
[2010/10/01 09:52:14 | 000,022,919 | ---- | C] () -- C:\windows\System32\drivers\NIUSB72F3.bin
[2010/10/01 09:52:14 | 000,022,919 | ---- | C] () -- C:\windows\System32\drivers\NIUSB72CC0200.bin
[2010/10/01 09:52:14 | 000,022,919 | ---- | C] () -- C:\windows\System32\drivers\NIUSB72CC.bin
[2010/10/01 09:52:14 | 000,012,329 | R--- | C] () -- C:\windows\System32\drivers\NIUSB71D7.bin
[2010/10/01 09:52:14 | 000,012,329 | ---- | C] () -- C:\windows\System32\drivers\NIUSB71D80200.bin
[2010/10/01 09:52:14 | 000,012,329 | ---- | C] () -- C:\windows\System32\drivers\NIUSB71D70200.bin
[2010/10/01 09:52:14 | 000,012,329 | ---- | C] () -- C:\windows\System32\drivers\NIUSB71D60200.bin
[2010/10/01 09:52:14 | 000,012,329 | ---- | C] () -- C:\windows\System32\drivers\NIUSB717B0200.bin
[2010/10/01 09:52:14 | 000,012,329 | ---- | C] () -- C:\windows\System32\drivers\NIUSB717A0200.bin
[2010/10/01 09:52:14 | 000,010,674 | ---- | C] () -- C:\windows\System32\drivers\NIUSB71DF0200.bin
[2010/10/01 09:52:14 | 000,010,674 | ---- | C] () -- C:\windows\System32\drivers\NIUSB71DF.bin
[2010/10/01 09:52:14 | 000,009,381 | R--- | C] () -- C:\windows\System32\drivers\NIUSB717B.bin
[2010/10/01 09:52:14 | 000,009,381 | ---- | C] () -- C:\windows\System32\drivers\NIUSB717B0100.bin
[2010/10/01 09:52:14 | 000,009,295 | R--- | C] () -- C:\windows\System32\drivers\NIUSB71D8.bin
[2010/10/01 09:52:14 | 000,009,295 | ---- | C] () -- C:\windows\System32\drivers\NIUSB71D80100.bin
[2010/10/01 09:52:14 | 000,009,158 | R--- | C] () -- C:\windows\System32\drivers\NIUSB71D6.bin
[2010/10/01 09:52:14 | 000,009,158 | ---- | C] () -- C:\windows\System32\drivers\NIUSB71D60100.bin
[2010/10/01 09:52:14 | 000,009,146 | R--- | C] () -- C:\windows\System32\drivers\NIUSB717A.bin
[2010/10/01 09:52:14 | 000,009,146 | ---- | C] () -- C:\windows\System32\drivers\NIUSB717A0100.bin
[2010/10/01 09:52:14 | 000,008,091 | R--- | C] () -- C:\windows\System32\drivers\NIUSB718A.bin
[2010/10/01 09:52:14 | 000,008,091 | ---- | C] () -- C:\windows\System32\drivers\NIUSB718A0100.bin
[2010/10/01 09:52:14 | 000,007,697 | ---- | C] () -- C:\windows\System32\drivers\NIUSB718A0200.bin
[2010/09/02 12:52:18 | 000,001,327 | ---- | C] () -- C:\windows\System32\bscs.ini
[2010/08/31 15:20:22 | 000,028,672 | ---- | C] () -- C:\windows\System32\BsMobileCSps.dll
[2010/08/31 13:14:15 | 000,049,152 | ---- | C] () -- C:\windows\System32\k19hinst.dll
[2010/08/25 14:03:32 | 000,073,220 | ---- | C] () -- C:\windows\System32\EPPICPrinterDB.dat
[2010/08/25 14:03:32 | 000,031,053 | ---- | C] () -- C:\windows\System32\EPPICPattern131.dat
[2010/08/25 14:03:32 | 000,029,114 | ---- | C] () -- C:\windows\System32\EPPICPattern1.dat
[2010/08/25 14:03:32 | 000,027,417 | ---- | C] () -- C:\windows\System32\EPPICPattern121.dat
[2010/08/25 14:03:32 | 000,021,021 | ---- | C] () -- C:\windows\System32\EPPICPattern3.dat
[2010/08/25 14:03:32 | 000,015,670 | ---- | C] () -- C:\windows\System32\EPPICPattern5.dat
[2010/08/25 14:03:32 | 000,013,280 | ---- | C] () -- C:\windows\System32\EPPICPattern2.dat
[2010/08/25 14:03:32 | 000,010,673 | ---- | C] () -- C:\windows\System32\EPPICPattern4.dat
[2010/08/25 14:03:32 | 000,004,943 | ---- | C] () -- C:\windows\System32\EPPICPattern6.dat
[2010/08/25 14:03:32 | 000,001,140 | ---- | C] () -- C:\windows\System32\EPPICPresetData_PT.dat
[2010/08/25 14:03:32 | 000,001,140 | ---- | C] () -- C:\windows\System32\EPPICPresetData_BP.dat
[2010/08/25 14:03:32 | 000,001,137 | ---- | C] () -- C:\windows\System32\EPPICPresetData_ES.dat
[2010/08/25 14:03:32 | 000,001,130 | ---- | C] () -- C:\windows\System32\EPPICPresetData_FR.dat
[2010/08/25 14:03:32 | 000,001,130 | ---- | C] () -- C:\windows\System32\EPPICPresetData_CF.dat
[2010/08/25 14:03:32 | 000,001,104 | ---- | C] () -- C:\windows\System32\EPPICPresetData_EN.dat
[2010/08/25 14:03:32 | 000,000,097 | ---- | C] () -- C:\windows\System32\PICSDK.ini
[2010/08/25 14:01:22 | 000,000,094 | ---- | C] () -- C:\windows\ENX125_127.ini
[2010/07/12 22:06:26 | 000,050,272 | ---- | C] () -- C:\windows\System32\nispdu.dll
[2010/07/12 21:53:10 | 000,071,776 | ---- | C] () -- C:\windows\System32\drivers\nispdk.dll
[2010/07/12 21:44:02 | 000,032,256 | ---- | C] () -- C:\windows\System32\niscdrau.dll
[2010/06/10 14:46:20 | 000,000,244 | ---- | C] () -- C:\windows\System32\nirpc.ini

========== LOP Check ==========

[2012/03/27 10:59:17 | 000,000,000 | ---D | M] -- C:\Users\Joe\AppData\Roaming\CheckPoint
[2011/01/07 01:28:30 | 000,000,000 | ---D | M] -- C:\Users\Joe\AppData\Roaming\DriverFinder
[2012/06/05 20:07:49 | 000,000,000 | ---D | M] -- C:\Users\Joe\AppData\Roaming\Dropbox
[2010/08/27 23:27:42 | 000,000,000 | ---D | M] -- C:\Users\Joe\AppData\Roaming\Epson
[2010/04/24 11:22:55 | 000,000,000 | ---D | M] -- C:\Users\Joe\AppData\Roaming\Facebook
[2012/04/26 15:55:43 | 000,000,000 | ---D | M] -- C:\Users\Joe\AppData\Roaming\gtk-2.0
[2011/02/03 23:31:17 | 000,000,000 | ---D | M] -- C:\Users\Joe\AppData\Roaming\Guitar Pro 6
[2010/08/25 14:05:46 | 000,000,000 | ---D | M] -- C:\Users\Joe\AppData\Roaming\Leadertech
[2011/09/01 18:56:12 | 000,000,000 | ---D | M] -- C:\Users\Joe\AppData\Roaming\National Instruments
[2012/03/27 05:39:05 | 000,000,000 | ---D | M] -- C:\Users\Joe\AppData\Roaming\Spotify
[2010/12/23 18:10:03 | 000,000,000 | ---D | M] -- C:\Users\Joe\AppData\Roaming\SystemRequirementsLab
[2010/02/03 00:26:01 | 000,000,000 | ---D | M] -- C:\Users\Joe\AppData\Roaming\Template
[2010/01/09 21:16:49 | 000,000,000 | ---D | M] -- C:\Users\Joe\AppData\Roaming\TOSHIBA
[2010/06/16 22:07:11 | 000,000,000 | ---D | M] -- C:\Users\Joe\AppData\Roaming\Walgreens
[2010/01/08 14:51:22 | 000,000,000 | ---D | M] -- C:\Users\Joe\AppData\Roaming\WinBatch
[2010/10/29 10:17:29 | 000,000,000 | ---D | M] -- C:\Users\Joe\AppData\Roaming\Windows Live Writer
[2012/05/18 02:01:34 | 000,000,898 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1583103045-1866647107-3774548051-1000Core.job
[2012/06/01 19:37:01 | 000,000,920 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1583103045-1866647107-3774548051-1000UA.job
[2012/05/11 03:24:52 | 000,032,550 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

Edited by joeebel, 05 June 2012 - 08:23 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP